1. Home
  2. Unblock Outgoing Connections on Firewall

Unblock Outgoing Connections on Firewall

How to configure your firewall to allow Domotz Agent to connect to the Domotz Cloud

For the Domotz Agent to connect properly to the Domotz Cloud, OUTGOING connections on the following hosts/ports of your firewall need to be allowed:

GLOBAL (Every area uses these services)

  • portal.domotz.com (port 443 TCP)
  • echo.domotz.com (ICMP)

NORTH AMERICA

  • api-us-east-1-cell-1.domotz.com (port 443 TCP)
  • messaging-us-east-1-cell-1.domotz.com (port 5671 TCP)
  • us-east-1-sshg.domotz.co, us-east-1-02-sshg.domotz.co and us-west-2-sshg.domotz.co (range: 32700 – 57699 TCP) – these are required for the Remote Connection functionality.

EUROPE/REST OF WORLD

  • api-eu-west-1-cell-1.domotz.com and api-us-east-1-cell-1.domotz.com (port 443 TCP)
  • messaging-eu-west-1-cell-1.domotz.com (port 5671 TCP)
  • sshg.domotz.co (range: 32700 – 57699 TCP) – these are required for the Remote Connection functionality.

APAC

  • api-eu-west-1-cell-1.domotz.com and api-us-east-1-cell-1.domotz.com (port 443 TCP)
  • messaging-eu-west-1-cell-1.domotz.com (port 5671 TCP)
  • ap-southeast-2-sshg.domotz.co(range: 32700 – 57699 TCP) – these are required for the Remote Connection functionality.

If you are using the Domotz-Box provided by Domotz, the following services are used. These are used for automated upgrades of the packages and provisioning channel:

B-01, B-03, B-11 models:

  • provisioning.domotz.com (ports 4505 and 4506 TCP)
  • pool.sks-keyservers.net (port 11371 TCP)

B-12 model:

  • messaging.orchestration.domotz.com (port 5671 TCP)
  • api.orchestration.domotz.com (port 443 TCP)
  • api.snapcraft.io (port 443 TCP)

In addition, please make sure to use at least one DNS server option as a public one like the Google DNS server (8.8.8.8 or 8.8.4.4).

Updated on April 28, 2022

Was this article helpful?