This document describes what needs to be checked during the installation process of your mymbCONNECT24 Server.
1. Requirements
Please note:
These requirements concerns you only, if you are using the mymbCONECT24.virtual Server.
If you are not using the mymbCONECT24.virtual, please continue with the next point (2.).
- ESXi-Server
- Hardwareversion 8
- ESXi 5.0 and higher
- at least 2 vCPUs
- at least 2 GB RAM
- at least 20 GB disk space
- Import the .ova file into the ESXi server (you will find the file on the installation medium)
- "root" access to the ESXi server
2. VPN IP Network of VPN Authentication Server
Choose the IP address range for the VPN IP network of the VPN authentication server.
Address Ranges
10.0.0.0/24 recommended
172.16.0.0/24 alternative
192.168.0.0/24 not recommended
3. Ports to Activate
The firewall must be configured for the public IP address to forward the ports to the WAN IP address of the server (ports and protocol).
IP addresses of the WAN interface are mostly taken from the local area network address range, i.e. the WAN IP address of the server is not the same as the locale IP address. This has to be considered for later settings. You required the WAN IP address as well as the public IP address of the firewall.
4. Inbound
Direction: from Internet to Server
The server must be reachable with his WAN IP address for the protocol TCP on the following ports:
• Frontend / Backend / VPN
If you did not change the default settings, activate at least these ports: 80, 443 and/or 1194
• Manufacturer Support via SSH
The SSH access for support by the manufacturer is disabled by default. Activate port 22 and enable SSH access in the backend.
5. Outbound
Direction: from Server to Internet
The server must reach these following services in the Internet via the WAN interface:
Service | URL | Port |
License server | https://licenses.mbconnectline.com/license/index.php/api | TCP 443 |
License server | https://registration.mbconnectline.com/license/index.php/registrationapi | TCP 443 |
Update server | https://autoupdate.mbconnectline.com | TCP 443 |
Onlinehelp | http://www.cc-onlinehelp.com/en/ | TCP 80 |
SMS DISPATCH - own Gateway | https://gateway.smstrade.de/* | TCP 443 |
Text2Speech Gateway | https://rest.messagebird.com/* | TCP 443 |
Google QR Code | https://chart.googleapis.com/* | TCP 443 |
Map Widget | https://a.openstreetmap.org/* | TCP 443 |
Map Widget | https://b.openstreetmap.org/* | TCP 443 |
Map Widget | https://c.openstreetmap.org/* | TCP 443 |
if "Activate automatic mail settings" is set to "Yes" | mail.mymbnet.biz | TCP 25 |
NTP (as default activated) | 0.de.pool.ntp.org | UDP 123 |
DNS | TCP / UDP 53 | |
Syslog Server | UDP 514 | |
Fail2Ban | http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | TCP 80 |
Fail2Ban (Firmware V2.2.1 or later) | https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz |
TCP 443 |
Typ: FAQ | Revision: EN-mbconnect24-01-V1.3 | Datum: 18.08.2020 |
---|