Vemcount – Firewall guidelines

Firewall – Outbound ports

 

In order for your device to function properly, some rules are needed to be added to your firewall. Please note that the rules you need to add as a minimum requirement depends on your device type.

 

 

Load balancer

 

Vemcount utilizes geo load balancing to speed up responses, this means that a sensor will send to different IPs, depending on where they are located for certain DNS requests.

 

Geo load balanced DNS addresses:

    - data.vemcount.com
    - login.vemcount.com
    - xovis.vemcount.com
    - brickstream.vemcount.com
    - ntp.vemcount.com
    - sftp.vemcount.com

 

 

            Russia: 159.253.149.235

            North/South America: 18.231.94.30

            Asia: 52.77.137.57

            Default/Fallback: 18.195.189.44

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

GEO DNS Rules

 

DNS: data.vemcount.com

Port: 80 + 81 + 443

Protocol: TCP

This is used for sensor data counts/health checks

 

 

DNS: xovis.vemcount.com

Port: 3001 + 3002

Protocol: TCP

This is used for remote device administration/calibration

 

 

DNS: brickstream.vemcount.com

Port: 3000

Protocol: TCP

This is used for remote device administration/calibration

 

 

DNS: ntp.vemcount.com

Port: 123

Protocol: UDP

This is used for keeping the sensor in sync with a timeserver so that the timestamp is correct in the different time zones.

 

 

DNS: sftp.vemcount.com

Port: 121

Protocol: TCP

This is used for uploading footfall/POS data

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DNS RULES – Without geo load balancer

 

DNS: ftp.vemcount.com

IP: 52.58.211.223

Port: 21 (ftp + ftps)

Protocol: TCP

This is used for uploading footfall/POS data

 

 

DNS: irisys.vemcount.com

IP: 52.58.139.245

Port: 80

Protocol: TCP

This is used for sensor data counts/health checks

 

 

DNS: services.vemcount.com

IP: 52.58.211.223

Port: 1194

Protocol: UDP

The port 1194 is used for the VPN connection, which the sensor establishes to the server so that one can connect to the device remotely to calibrate it.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Examples 

 

 

Please use DNS-name instead of IP when possible in your firewall. See below of an example set of firewall rules. Also note that all connections are initiated from the sensor side, so depending on your firewall you sometimes have to open more than 1 direction if your firewall does not have SPI (stateful packet inspection).

 

 

Device type: Brickstream

 

- data.vemcount.com                        80                   TCP

- data.vemcount.com                        443                 TCP

- brickstream.vemcount.com           3000               TCP

- ntp.vemcount.com                          123                 UDP

 

 

Device type: Xovis

 

- data.vemcount.com            80                               TCP

- data.vemcount.com            443                             TCP

- xovis.vemcount.com           3001                           TCP

- xovis.vemcount.com           3002                           TCP

- ntp.vemcount.com              123                             UDP

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk