This document describes what needs to be checked during the installation process of your mymbCONNECT24 Server.
1. Requirements
Please note:
These requirements concerns you only, if you are using the mymbCONECT24.virtual Server.
If you are not using the mymbCONECT24.virtual, please continue with the next point (2.).
- ESXi-Server (as an example)
- Hardwareversion 8
- ESXi 5.0 and higher
- at least 2 vCPUs
- at least 2 GB RAM
- at least 20 GB disk space
- Import the .ova file into the ESXi server
- "root" access to the ESXi server
2. VPN IP Network of VPN Authentication Server
Choose the IP address range for the VPN IP network of the VPN authentication server.
Address Ranges
10.0.0.0/24 recommended
172.16.0.0/24 alternative
192.168.0.0/24 not recommended
3. Ports to Activate
The firewall must be configured for the public IP address to forward the ports to the WAN IP address of the server (ports and protocol).
IP addresses of the WAN interface are mostly taken from the local area network address range, i.e. the WAN IP address of the server is not the same as the locale IP address. This has to be considered for later settings. You required the WAN IP address as well as the public IP address of the firewall.
4. Inbound
Direction: from Internet to Server
The server must be reachable with his WAN IP address for the protocol TCP on the following ports:
• Frontend / Backend / VPN
If you did not change the default settings, activate at least one of these ports: 80, 443, 1194
• Manufacturer Support via SSH
The SSH access for support by the manufacturer is disabled by default. Activate port 22 and enable SSH access in the backend.
5. Outbound
Direction: from Server to Internet
The server must reach these following services in the Internet via the WAN interface:
(Connections printed in bold are mandatory. The others are necessary if they are desired and activated in the backend.)
| Service | URL | Port |
| License server | https://licenses.mbconnectline.com/license/index.php/api | TCP 443 |
| Registration server | https://registration.mbconnectline.com/license/index.php/registrationapi | TCP 443 |
| Update server | https://autoupdate.mbconnectline.com | TCP 443 |
| Onlinehelp | http://www.cc-onlinehelp.com/en/ | TCP 443 |
| SMS DISPATCH - own Gateway | https://gateway.smstrade.de/* | TCP 443 |
| Text2Speech Gateway | https://rest.messagebird.com/* | TCP 443 |
| Google QR Code (omitted from server version 2.16.0) |
https://chart.googleapis.com/* | TCP 443 |
| Map Widget | https://a.openstreetmap.org/* | TCP 443 |
| Map Widget | https://b.openstreetmap.org/* | TCP 443 |
| Map Widget | https://c.openstreetmap.org/* | TCP 443 |
| if "Activate automatic mail settings" is set to "Yes" | mail.mymbnet.biz | TCP 25 |
| NTP (as default activated) | 0.de.pool.ntp.org | UDP 123 |
| DNS | TCP / UDP 53 | |
| Syslog Server | UDP 514 |
| Typ: FAQ | Revision: EN-mbconnect24-01-V1.5 | Datum: 26.10.2023 |
|---|
v