Configuring Firewall Allowed Rules
The Active device communicates with the Redundant device through the Maintenance interface. This interface is used by the Active device for HA maintenance with the Redundant device, for example, synchronizing configuration and software updates, and performing an HA switchover (see Connectivity and Synchronization between Devices for more information).
For HA maintenance, the following ports are used:
|
Type |
Protocol |
Direction |
Source Port |
Destination Port |
|---|---|---|---|---|
|
HA Messages |
UDP |
Both directions (Active-Redundant) |
669 |
669 |
|
HA Keep-Alive |
UDP |
Both directions (Active- Redundant) |
670+n (multiple streams) |
680 |
|
HA Control and Data |
TCP |
Redundant to Active |
Any |
2442 |
|
HA Files |
TCP/TLS |
Redundant to Active |
Any |
80/443 |
|
Cluster Keep-Alive (Mediant CE Only) |
UDP |
Both directions (Signaling Component - Media Components) |
3900+n (multiple streams) |
3900 |
|
Cluster Control and Data (Mediant CE Only) |
TCP/TLS |
Signaling Component to Media Components |
Any |
2424 |
| ● | By default, the device's internal firewall keeps the above listed ports open. If you have an external firewall located between the Active and Redundant devices, make sure that it keeps these ports open as well (i.e., allows this traffic). |
| ● | If the device needs to communicate with |