Firewall Rules
If your organization restricts outbound internet traffic you might need to configure rules which allow the Storage SAN (Management IP address and Controller A and B diagnostic IP addresses) to communicate with storage servers on specific ports.
The storage SAN requires the following firewall rules:
| Description | Destination | Port | Protocol |
|---|---|---|---|
| AutoSupport and Heartbeat | nsdiag.nimblestorage.com | TCP 443 | HTTPS |
| Software Updates and Downloads | update.nimblestorage.com | TCP 443 | HTTPS |
| Alerts | nsalerts.nimblestorage.com | TCP 443 | HTTPS |
| Streaming Statistics & VMVision Per-VM Alerts | nsstats.nimblestorage.com | TCP 443 | HTTPS |
| HPE Support Secure Tunnel Connection | hogan.nimblestorage.com | TCP 2222 | SSH |
| HPE GreenLake | console.greenlake.hpe.com | TCP 443 | HTTPS |
| Array Initialization | device.cloud.hpe.com | TCP 443 | HTTPS |
| Data Services Cloud Console | console-instance
name.data.cloud.hpe.com For example: console-eu1.data.cloud.hpe.com |
TCP 443 | HTTPS |
| tunnel-instance
name.data.cloud.hpe.com For example: tunnel-eu1.data.cloud.hpe.com |
TCP 443 | HTTPS | |
| instance
name.data.cloud.hpe.com For example: eu1.data.cloud.hpe.com |
TCP 443 | HTTPS |
NOTE: instance
name can be eu1 for Europe,
jp1 for Japan, or us1 for America
NOTE: It is recommended that you use the
fully qualified domain name (for example, nsdiag.nimblestorage.com) rather than IP
addresses, as IP addresses might change without notice.