Network Address Translation (NAT) is supported only between
secure connect gateway and Dell Technologies. NAT
is not supported between
secure connect gateway and the managed devices.
Port Address Translation (PAT) is not supported for the IP addresses of any of the devices that are managed by
secure connect gateway.
Dynamic IP addresses (DHCP) should not be used for any components of the
secure connect gateway servers, policy manager servers, or any managed devices.
Internet connectivity—Standard 1 GbE network or faster through HTTP with basic authentication
The local system must be able to connect to the following
Enterprise servers through ports 443 and 8443:
For IPV6
srs-1-v6.dell.com
For IPV4
esrs3-core.emc.com
esrs3-coredr.emc.com
The local system must be able to connect to the following
Global access servers through ports 443 and 8443:
For IPV6
SRSgduprd01-v6.dell.com
SRSgduprd02-v6.dell.com
SRSgduprd03-v6.dell.com
SRSgduprd04-v6.dell.com
SRSgduprd05-v6.dell.com
SRSgduprd06-v6.dell.com
SRSghoprd01-v6.dell.com
SRSghoprd02-v6.dell.com
SRSghoprd03-v6.dell.com
SRSghoprd04-v6.dell.com
SRSghoprd05-v6.dell.com
SRSghoprd06-v6.dell.com
For IPV4
esr3gduprd01.emc.com
esr3gduprd02.emc.com
esr3gduprd03.emc.com
esr3gduprd04.emc.com
esr3gduprd05.emc.com
esr3gduprd06.emc.com
esr3ghoprd01.emc.com
esr3ghoprd02.emc.com
esr3ghoprd03.emc.com
esr3ghoprd04.emc.com
esr3ghoprd05.emc.com
esr3ghoprd06.emc.com
esr3gscprd01.emc.com
esr3gscprd02.emc.com
esr3gscprd03.emc.com
esr3gscprd04.emc.com
esr3gscprd05.emc.com
esr3gscprd06.emc.com
esr3gckprd01.emc.com
esr3gckprd02.emc.com
esr3gckprd03.emc.com
esr3gckprd04.emc.com
esr3gckprd05.emc.com
esr3gckprd06.emc.com
esr3gckprd07.emc.com
esr3gckprd08.emc.com
esr3gckprd09.emc.com
esr3gckprd10.emc.com
esr3gckprd11.emc.com
esr3gckprd12.emc.com
esr3gspprd01.emc.com
esr3gspprd02.emc.com
esr3gspprd03.emc.com
esr3gspprd04.emc.com
esr3gspprd05.emc.com
esr3gspprd06.emc.com
Configure at least one DNS server.
Use only a static IP address for the local system. Dynamic IP addresses are not supported.
To ensure communication security and integrity, networking devices must not perform any method of SSL decryption on traffic for the backend. Attempting to do so causes a loss of connectivity to the backend.
NOTE:If SSL decryption is enabled on the proxy servers and other devices, ensure the
Global access and
Enterprise servers are added to the SSL decryption exclusion list on the proxy servers and devices.
The following table lists the ports that must be open on the local system:
Table 1. Network ports for local systemThe following table lists the ports that must be open on the local system.
Port
Protocol
Direction
Usage
25
TCP and SMTP
Inbound
Receive call-home email messages from data storage devices other than the following models:
Fluid File System (FluidFS)
PeerStorage (PS) or EqualLogic
Storage Center (SC) or Dell Compellent
PowerVault
PowerVault tape libraries
25
TCP and SMTP
Outbound
Send email messages through your SMTP server.
80
TCP and HTTP
Outbound
Communicate using HTTP.
161
UDP and SNMP
Outbound
Query device status through SNMP
162
UDP and SNMP
Inbound
Receive alerts (SNMP traps) from remote devices.
443
TCP and HTTPS
Inbound
Communicate with OpenManage Enterprise.
Receive alert data from data storage devices other than the following models:
Fluid File System (FluidFS)
PeerStorage (PS) or EqualLogic
Storage Center (SC) or Dell Compellent
PowerVault
PowerVault tape libraries
Receive heartbeat data and alert information from the following device types and models:
Data protection
Data storage devices other than the following models:
Fluid File System (FluidFS)
PeerStorage (PS) or EqualLogic
Storage Center (SC) or Dell Compellent
PowerVault
PowerVault tape libraries
Converged or hyperconverged infrastructure appliances other than Web-Scale.
990
FTPS
Outbound
Used for alert failover if 443 file transfer channel is unavailable.
443 and 8443
TCP and HTTPS
Outbound
Connect to the
Global access and
Enterprise servers.
Communicate using HTTPS secured with TLSv1.2.
Communicate using Secure Socket Layer (SSL) and WS-MAN.
Receive
secure connect gateway updates.
Upload collected telemetry to the backend
1311
TCP
Outbound
Communicate with Dell OpenManage Server Administrator.
5700
TCP and HTTPS
Inbound
Open
secure connect gateway user interface using HTTPS with TLS v1.2.
5701, 5702, 5703, and 5704
TCP and HTTPS
Inbound
Collect telemetry from devices.
5705
TCP and HTTPS
Inbound
Receive Redfish alerts from remote devices through
secure connect gateway alert services.*
9001
N/A
Internal
Establish connection with the Dell Technologies
secure connect gateway DB service.
NOTE:This port is for internal use only. You must ensure that this port is open and is not used by other applications.
8443
TCP and HTTPS
Outbound
Communicate with policy manager using SSL encryption.
8888
TCP
Outbound
Communicate with policy manager without SSL encryption.
9443
TCP and HTTPS
Inbound
Register and receive alert and heartbeat data from data storage devices other than the following models using REST APIs:
Fluid File System (FluidFS)
PeerStorage (PS) or EqualLogic
Storage Center (SC) or Dell Compellent
PowerVault
PowerVault tape libraries
* For iDRAC9 running firmware version 5.x or later, the Redfish protocol must be enabled on the device. For instructions on how to enable Redfish notifications, see the
Integrated Dell Remote Access Controller User's Guide
available on the
iDRAC Manuals page.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\