Network & Firewall
- Temporary User for conlfuence CLI (Unlicensed)
Dec 07, 2016
1 min read
Loading data...
The Site Controller software requires communication with the azeti Engine to send out data and to receive configurations. Therefore some network ports must be opened to run the overall solution properly. Different types of communication is involved and it is mandatory to configure your firewall accordingly for proper functionality.
SIte Controller to azeti Engine
The Site Controller software running on your edge device requires outgoing traffic towards its destination azeti Engine server.
User Browser to azeti Engine
The azeti Engine is a web application that uses the WebSockets technology for communication and thus requires ports to be opened between the azeti Engine Server and the users web browser.
On this page:
Firewall Between User's Web Browser and azeti Engine
| Port | Firewall | Direction | Source host | Destination host | Protocol | Description |
|---|---|---|---|---|---|---|
| 80 | optional | outgoing | Tomcat | User's Web Browser | HTTP | Web application (testing/dev) |
| 8081 | optional | outgoing | ActiveMQ | User's Web Browser | Websockets | Web application live updates (testing/dev) |
| 443 | mandatory | outgoing | Tomcat | User's Web Browser | HTTPS | Web application (production) |
| 8082 | mandatory | outgoing | ActiveMQ | User's Web Browser | Secure Websockets | Web application live updates (production) |
Firewall Between Site Controller and azeti Engine
| Port | Firewall | Direction | Source host | Destination host | Protocol | Description |
|---|---|---|---|---|---|---|
| 1883 | optional | outgoing | ActiveMQ | SiteController | MQTT | SiteController from/to azeti Cloud Broker in VPN environments |
| 8883 | optional | outgoing | ActiveMQ | SiteController | MQTT + TLS | SiteController from/to azeti Cloud Broker in Internet environments |
Full Networking Within azeti Engine Installation
| Port | Application | Protocol | Description |
|---|---|---|---|
| 1883 | ActiveMQ | MQTT | Site Controller from/to azeti Engine Broker in VPN environments |
| 8883 | ActiveMQ | MQTT + TLS | Site Controller from/to azeti Engine Broker in Internet environments |
| 8081 | ActiveMQ | WS | Web browser to ActiveMQ web sockets |
| 8082 | ActiveMQ | WSS | Web browser to ActiveMQ web sockets |
| 61613 | ActiveMQ | STOMP | Internal connection Back-end/ActiveMQ |
| 61614 | ActiveMQ | STOMP+TLS | Internal connection Back-end/ActiveMQ |
| 61616 | ActiveMQ | JMS | Internal connection Back-end/ActiveMQ |
| 5432 | PostgreSQL | TCP/Postgres-specific | Internal connection Back-end/PostgreSQL |
| 8083 | InfluxDB | HTTP | Internal connection Back-end/InfluxDB admin interface |
| 8086 | InfluxDB | HTTP | Internal connection Back-end/InfluxDB |
| 80 | Tomcat | HTTP | Web application (dev/test) |
| 443 | Tomcat | HTTPS | Web application (production) |