Required URLs for External Connections for the Secure Access Cloud Connector
search cancel

Required URLs for External Connections for the Secure Access Cloud Connector

book

Article ID: 269085

calendar_today

Updated On:

Products

Symantec ZTNA

Issue/Introduction

Identify the ports, addresses, and services that must be opened to ensure that Secure Access Cloud (SAC) connectors have the proper access.
 

Resolution

The SAC Connector requires external connectivity to several endpoints, depending on the location of the tenant. For all other connections, port 443 is required. You can verify that the IP address is accessible, and that port 443 is open by running a telnet command from the connector host:

>> telnet IP PORT

Determine the Location of a Tenant

Tenants are divided into two geographical areas (USA and Europe). The IP address connectivity requirements differ per region. If you are not sure where your tenant is located, enter the following commands:

 nslookup tenant_name.luminatesec.com

Locate the region in the response:

 nslookup tenant_name.luminatesec.com :application02.management.prod.us-west1.luminatesec.comnslookup tenant_name.luminatesec.com :application02.management.prod.europe-west1.luminatesec.com

US IP Address Requirements

Find the US IP address requirements here: https://download.us-west-2.luminatesec.com/public-ips

Europe IP Address Requirements

Find the EU IP address requirements here: https://download.eu-west-1.luminatesec.com/public-ips

Required URLs

Any firewalls present must allow the following URLs (for egress). The URLs are required for installing SAC site connectors.

Resources (for site connectors) set to Broadcom Repository: sac-docker.packages.broadcom.com/luminate/connector

Resources (for site connectors) set to Docker Hub: https://hub.docker.com/u/luminate