Introduction
This article describes the ports to be allowed by the network firewall for the Engage service to function as intended.
The communication is bi-directional, as such, the firewall must allow both outgoing traffic (requests to the server) and incoming traffic (most of the time represents the answers to the requests).
Given the client/server architecture in place, the client will initiate most of the communication with the server. This will make the Amino Engage services work behind most NAT networks, the network firewall only needs to make sure the traffic in some specific ports and from some IP addresses is allowed.
Prerequisites
This article assumes that you have an Engage account and the device is deployed in your local network behind a firewall.
Summary
Regions
Engage is a global service with multiple instances and depending on the region the clients are deployed, different instances are used. To confirm which region we are using, we can check the domain details under System > Manage Domains > [Your domain name] > Region(s).
If nothing is specified, the domain is using the default region, which is US. If EMEA is specified, then the domain is using the EMEA region.
Once the server region and the modules subscribed are confirmed, we can follow the matching requirements below:
Amino EngageSM Engage IP Requirements - EMEA
SYSTEM and WEB UI
| IP |
Port |
Protocol |
Hostname |
Description |
| 18.159.249.117 | 80 443 |
TCP (HTTP) TCP (HTTPS) |
idp.aminoengage.com | Web UI Management Portal |
| engage.aminoengage.com | ||||
| ensure.aminoengage.com | ||||
| ensight.aminoengage.com | ||||
| enspect.aminoengage.com |
MANAGE
| IP |
Port |
Protocol |
Hostname |
Description |
| 35.156.116.167 |
3478 |
UDP |
acs1.aminoengage.com | Stun Communication |
| 35.157.115.197 | acs2.aminoengage.com | |||
| 18.193.52.164 | acs3.aminoengage.com | |||
| 18.193.34.170 | 80 443 |
TCP (HTTP) TCP (HTTPS) |
cpemgt.entone.com |
Default CPEMGT config |
| 7743 |
TCP (HTTPS) |
acs.aminoengage.com | TR069 Communication | |
| 7643 |
TCP (HTTPS) |
acs.entone.com | ||
|
80 443 |
TCP (HTTP) TCP (HTTPS) |
files.aminoengage.com | File Storage | |
| files.entone.com | ||||
| 35.227.212.246 |
80 |
TCP (HTTP) |
gcs.aminoengage.com |
RESOLVE
| IP |
Port |
Protocol |
Hostname |
Description |
| 52.58.161.128 |
10000 10443 10444 22 1194
|
TCP (HTTP) TCP (HTTPS) TCP (HTTPS) TCP (SSH) UDP (VPN)
|
ensight-cmd31.aminoengage.com | EMEA1 Resolve Cluster |
| 18.194.204.8 | ensight-cmd32.aminoengage.com | |||
| 35.158.175.10 | ensight-cmd33.aminoengage.com | |||
| 52.29.250.167 | ensight-cmd34.aminoengage.com | |||
| 3.121.3.46 | ensight-cmd35.aminoengage.com | EMEA2 Resolve Cluster | ||
| 3.120.236.189 | ensight-cmd36.aminoengage.com | |||
| 18.194.160.174 | ensight-cmd37.aminoengage.com | |||
| 18.185.255.135 | ensight-cmd38.aminoengage.com | |||
| 52.58.69.94 | ensight-cmd41.aminoengage.com | EMEA3 Resolve Cluster | ||
| 35.156.111.112 | ensight-cmd42.aminoengage.com | |||
| 18.157.137.206 | ensight-cmd43.aminoengage.com | |||
| 35.156.204.224 | ensight-cmd44.aminoengage.com | |||
| 3.127.124.191 | ensight-cmd45.aminoengage.com | |||
| 18.193.34.170 |
80 |
TCP (HTTP) TCP (HTTPS) |
ensight-cmd.aminoengage.com |
Command Cluster Load Balancer |
| 3.124.250.83 |
10446 |
TCP |
logfile.aminoengage.com | Logfile Receiver |
OPTIMIZE
| IP |
Port |
Protocol |
Hostname |
Description |
| 18.184.215.98 |
443
|
TCP (HTTPS) |
enspect-svr31.aminoengage.com | EMEA Optimize Cluster |
| 18.195.7.40 | enspect-svr32.aminoengage.com | |||
| 18.196.24.130 | enspect-svr33.aminoengage.com | |||
| 18.184.98.210 | enspect-svr34.aminoengage.com | |||
| 18.193.34.170 |
443 |
TCP (HTTPS) |
enspect-svr.aminoengage.com |
Optimize Load Balancer |
Amino EngageSM Engage IP Requirements - US
SYSTEM and WEB UI
| IP |
Port |
Protocol |
Hostname |
Description |
| 18.159.249.117 | 80 443 |
TCP (HTTP) TCP (HTTPS) |
idp.aminoengage.com | Web UI Management Portal |
| engage.aminoengage.com | ||||
| ensure.aminoengage.com | ||||
| ensight.aminoengage.com | ||||
| enspect.aminoengage.com |
MANAGE
| IP |
Port |
Protocol |
Hostname |
Description |
| 35.156.116.167 |
3478 |
UDP |
acs1.aminoengage.com | Stun Communication |
| 35.157.115.197 | acs2.aminoengage.com | |||
| 18.193.52.164 | acs3.aminoengage.com | |||
| 18.193.34.170 | 80 443 |
TCP (HTTP) TCP (HTTPS) |
cpemgt.entone.com |
Default CPEMGT config |
| 7743 |
TCP (HTTPS) |
acs.aminoengage.com | TR069 Communication | |
| 7643 |
TCP (HTTPS) |
acs.entone.com | ||
|
80 443 |
TCP (HTTP) TCP (HTTPS) |
files.aminoengage.com | File Storage | |
| files.entone.com | ||||
| 35.227.212.246 |
80 |
TCP (HTTP) |
gcs.aminoengage.com |
RESOLVE
| IP |
Port |
Protocol |
Hostname |
Description |
| 52.52.29.111 |
10000 10443 10444 22 1194 |
TCP (HTTP) TCP (HTTPS) TCP (HTTPS) TCP (SSH) UDP (VPN) |
ensight-cmd1.aminoengage.com | US1 Resolve Cluster |
| 52.52.31.80 | ensight-cmd2.aminoengage.com | |||
| 52.52.43.240 | ensight-cmd3.aminoengage.com | |||
| 34.196.83.208 | ensight-cmd11.aminoengage.com | US2 Resolve Cluster | ||
| 18.233.240.128 | ensight-cmd12.aminoengage.com | |||
| 18.211.230.176 | ensight-cmd13.aminoengage.com | |||
| 18.204.52.173 | ensight-cmd14.aminoengage.com | |||
| 18.193.34.170 |
80 |
TCP (HTTP) TCP (HTTPS) |
ensight-cmd.aminoengage.com |
Command Cluster Load Balancer |
| 3.124.250.83 |
10446 |
TCP |
logfile.aminoengage.com | Logfile Receiver |
OPTIMIZE
| IP |
Port |
Protocol |
Hostname |
Description |
| 13.56.129.180 |
443 |
TCP (HTTPS) |
enspect-svr1.aminoengage.com | US Optimize Cluster |
| 52.8.127.78 | enspect-svr2.aminoengage.com | |||
| 54.215.102.247 | enspect-svr3.aminoengage.com | |||
| 52.8.38.156 | enspect-svr4.aminoengage.com | |||
| 18.193.34.170 |
443 |
TCP (HTTPS) |
enspect-svr.aminoengage.com |
Optimize Load Balancer |
References
None