Support Portal

Full list of outbound connectivity requirements

In addition to the more minimal connectivity requirements for initial installation detailed here, below is a complete list of connectivity requirements during normal operation, depending on optional product features that are selected. If certain connectivity is not enabled outbound, the failure will be graceful and only affect that particular service, option or monitoring check. Many organisations will choose to satisfy all of the requirements below by simply enabling TCP port 80 and 443 outbound from the WAN IP of the server.


VPN Connection

  • UDP 1194 or TCP 443 to (

Configuration and software download

  • TCP 443 to – Sandbox (for initial configuration download)
  • – Repo (for download of software)

Public DNS (if using a public forwarder)

  • TCP 53 and UDP 53 to public DNS Server IPs (eg. and

Gateway Control Console

  • TCP 80, 443 and 22 to ( (core updates and license activation)
  • TCP 80 and 443 to (remote updates)
  • TCP 443 to (Snort IDS rules)
  • TCP 80 to (BitDefender rules)
  • TCP 80 to,,, and (ClamAV virus definitions)

Cloud Backup (Azure)

  • TCP 443 to Azure storage IPs in the same region as the server (see here)

Cloud Backup (Amazon)

  • TCP 443 to Amazon S3 IPs in the same region as the server (see here)

Windows License Activation

  • TCP 80 and 443 to Microsoft Windows Activation Service IPs (see here)

Windows Update

  • TCP 80 and 443 to Microsoft Windows Update IPs (see here)

WAN and Public IP Monitoring

  • TCP 80 to,, or
  • TCP 80 to

Gateway Antivirus Monitoring Check

  • TCP 80 to


Was this article helpful? 0 out of 0 found this helpful
Have more questions? Submit a request