Setting Accesser node inbound rules
The Accesser® Node is the D/L IP for each rule.
| Rule | Action | Protocol | D/L port | S/R IP | S/R port | Description |
|---|---|---|---|---|---|---|
|
1 |
Allow |
TCP |
80 |
HTTP-SO/NO clients |
Any |
HTTP object interface to Vaults |
|
2 |
Allow |
TCP |
443 |
HTTP-SO/NO clients |
Any |
HTTPS object interface to Vaults |
|
3 |
Allow |
TCP |
8443 |
HTTP-SO/NO clients |
Any |
|
|
4 |
Allow |
TCP |
22 |
Admin clients |
Any |
SSH for administrative CLI |
|
5 |
Allow |
TCP |
8088 |
Manager Node |
Any |
Appliance management protocol |
|
6 |
Allow |
TCP |
8192 |
Admin clients |
Any |
Stats API on HTTP |
|
7 |
Allow |
TCP |
8193 |
Admin clients |
Any |
Stats API on HTTPS |
|
8 |
Allow |
UDP |
123 |
Manager Node |
123 |
NTP protocol |
|
9 |
Allow |
UDP |
Any |
External DNS server |
53 |
DNS protocol |
|
10 |
Allow |
TCP |
8337, 8338 |
User Clients |
Any |
REST API endpoint for container vaults |
|
11 |
Allow |
ICMP |
NA |
|
NA |
|
|
12 |
Allow |
UDP, TCP |
161 |
SNMP-based monitoring application |
Any |
SNMP endpoint for GET requests |
The Accesser Node periodically receives ICMP replies from the Manager Node. The Accesser Node must receive ICMP requests from the Manager Node.