mymbCONNECT24: What Ports and IP-Addresses must be released during installation

This document describes what needs to be checked during the installation process of your mymbCONNECT24 Server.

1. Requirements

Please note:

These requirements concerns you only, if you are using the mymbCONECT24.virtual Server. 

If you are not using the mymbCONECT24.virtual, please continue with the next point (2.).

2. VPN IP Network of VPN Authentication Server

Choose the IP address range for the VPN IP network of the VPN authentication server.

Address Ranges

10.0.0.0/24           recommended
172.16.0.0/24      alternative
192.168.0.0/24    not recommended

3. Ports to Activate

The firewall must be configured for the public IP address to forward the ports to the WAN IP address of the server (ports and protocol).

IP addresses of the WAN interface are mostly taken from the local area network address range, i.e. the WAN IP address of the server is not the same as the locale IP address. This has to be considered for later settings. You required the WAN IP address as well as the public IP address of the firewall.

4. Inbound

Direction: from Internet to Server

The server must be reachable with his WAN IP address for the protocol TCP on the following ports:

•    Frontend / Backend / VPN

If you did not change the default settings, activate at least one of these ports: 80, 443, 1194

•    Manufacturer Support via SSH

The SSH access for support by the manufacturer is disabled by default. Activate port 22 and enable SSH access in the backend.

5. Outbound

Direction: from Server to Internet

The server must reach these following services in the Internet via the WAN interface:
(Connections printed in bold are mandatory. The others are necessary if they are desired and activated in the backend.)

Service URL Port
License server https://licenses.mbconnectline.com/license/index.php/api TCP 443
Registration server https://registration.mbconnectline.com/license/index.php/registrationapi TCP 443
Update server https://autoupdate.mbconnectline.com TCP 443
Onlinehelp http://www.cc-onlinehelp.com/en/ TCP 443
SMS DISPATCH - own Gateway https://gateway.smstrade.de/* TCP 443
Text2Speech Gateway https://rest.messagebird.com/* TCP 443
Google QR Code
(omitted from server version 2.16.0)
https://chart.googleapis.com/* TCP 443
Map Widget https://a.openstreetmap.org/* TCP 443
Map Widget https://b.openstreetmap.org/* TCP 443
Map Widget https://c.openstreetmap.org/* TCP 443
if "Activate automatic mail settings" is set to "Yes" mail.mymbnet.biz TCP 25
NTP (as default activated) 0.de.pool.ntp.org UDP 123
DNS   TCP / UDP 53
Syslog Server   UDP 514

 

Typ: FAQ Revision: EN-mbconnect24-01-V1.5 Datum: 26.10.2023

 

 v