Firewall Rules
If your organization restricts outbound internet traffic you might need to configure rules which allow the Storage SAN (Management IP address and Controller A and B diagnostic IP addresses) to communicate with storage servers on specific ports.
The storage SAN requires the following firewall rules:
Description | Destination | Port | Protocol |
---|---|---|---|
AutoSupport and Heartbeat | nsdiag.nimblestorage.com | TCP 443 | HTTPS |
Software Updates and Downloads | update.nimblestorage.com | TCP 443 | HTTPS |
Alerts | nsalerts.nimblestorage.com | TCP 443 | HTTPS |
Streaming Statistics & VMVision Per-VM Alerts | nsstats.nimblestorage.com | TCP 443 | HTTPS |
HPE Support Secure Tunnel Connection | hogan.nimblestorage.com | TCP 2222 | SSH |
HPE GreenLake | console.greenlake.hpe.com | TCP 443 | HTTPS |
Array Initialization | device.cloud.hpe.com | TCP 443 | HTTPS |
Data Services Cloud Console | console-instance
name.data.cloud.hpe.com For example: console-eu1.data.cloud.hpe.com |
TCP 443 | HTTPS |
tunnel-instance
name.data.cloud.hpe.com For example: tunnel-eu1.data.cloud.hpe.com |
TCP 443 | HTTPS | |
instance
name.data.cloud.hpe.com For example: eu1.data.cloud.hpe.com |
TCP 443 | HTTPS |
NOTE: instance
name can be eu1 for Europe,
jp1 for Japan, or us1 for America
NOTE: It is recommended that you use the
fully qualified domain name (for example, nsdiag.nimblestorage.com) rather than IP
addresses, as IP addresses might change without notice.