Home

Firewall Configuration

We strongly recommend that the ExaVault virtual appliance be deployed behind a firewall. This guide provides guidance for how to configure the ports to open on your firewall.

The ExaVault appliance must have at least some inbound and outbound connectivity to the public Internet, and that is detailed on this page as well.

Refer to the tables below when configuring your firewall for the list of ports which need to be opened.

Inbound Traffic (Public Internet) Port Requirements

Port

Description

ICMPv4

Used for verifying the server is up and accessible.

80

Used for non secure web GUI access to the application. Does not need to be made available publicly.

443

Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.

21

Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.

22

User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.

990

Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.

40000-49999

Used for FTP/FTPS data channels to the appliance. Does not need to be open if neither the FTP nor FTPS services are used Externally. Note: Currently only a subset of this range is used by the appliance, but we recommend opening the entire range because we will be expanding the range in future versions.

Inbound Traffic (Internal Network) Port Requirements

Port

Description

Required

ICMPv4

Used for verifying the server is up and accessible.

YES

80

Redirects to HTTPS port 443

YES

443

Used for secure Web GUI access to the application. Does not need to be made available publicly. Also used by the API.

YES

21

Used for FTP access to the appliance. Does not need to be open if the FTP service is not used externally.

NO

22

User for SFTP access to the appliance. Does not need to be open if the SFTP service is not used externally.

NO

990

Used for FTPS access to the appliance. Does not need to be open if the FTPS service is not used Externally.

NO

10022

Used for support sessions to the appliance. ( for support sessions SSH access is required running on port 10022 )

YES*

9002

Used to access the appliance manager web GUI ( for setup and management of the appliance )

YES*

40000-49999

FTP Passive Ports

NO

* These ports are needed for administering the system and should be locked down at the firewall.

Outbound Traffic Port Requirements

Port

Description

Required

80

Used to download updates from our servers

YES

443

Used to download updates from our servers

YES

53

DNS services to resolve names for updates

YES

PreviousSystem RequirementsNextInstallation & Setup

Last updated