Network Firewall Requirements

Following are the Network Firewall Requirements for GigaVUE V Series Node deployment.

Source Destination Source Port Destination Port Protocol Service Purpose

GigaVUE-FM

ESXi hosts

Any (1024-65535)

443

TCP

https

Allows GigaVUE‑FM to communicate with vCenter and all ESXi hosts to import the V Series OVA files. OVA files require access to the host IP/URL for bulk deployment

vCenter

GigaVUE-FM

GigaVUE V Series Nodes

Any (1024-65535)

8889

TCP

Custom API

Allows GigaVUE‑FM to communicate with GigaVUE V Series Node

GigaVUE-FM

GigaVUE V Series Nodes

Any (1024-65535)

5671

TCP

Custom TCP

Allows GigaVUE-FM to receive the traffic health updates with GigaVUE V Series Node

Administrator

GigaVUE-FM

Any (1024-65535)

443

TCP

https

Management connection to GigaVUE‑FM

22

ssh

Administrator

GigaVUE V Series Nodes

Not Applicable

22

 

ssh

Troubleshooting GigaVUE V Series Nodes.

Remote Source

GigaVUE V Series Nodes

Custom Port(VXLAN and UDPGRE),N/A for GRE

4789

UDP

VXLAN

Allows to UDPGRE Tunnel to communicate and tunnel traffic to GigaVUE V Series Nodes (Applicable for Tunnel Ingress option only)

N/A

IP 47

GRE

4754

UDP

UDPGRE

GigaVUE V Series Nodes

Tool/ GiagVUE HC Series instance

Custom Port(VXLAN),N/A for GRE

4789

UDP

VXLAN

Allows GigaVUE V Series Node to communicate and tunnel traffic to the Tool

Not Applicable

IP 47

GRE

GigaVUE V Series Nodes

Tool/ GigaVUE HC Series instance

Not Applicable

Not Applicable

ICMP

Echo Request

Allows GigaVUE V Series Node to health check tunnel destination traffic (Optional)

Echo Response

GigaVUE V Series Nodes

GigaVUE-FM

Any (1024-65535)

Any (1024-65535)

TCP

Custom TCP

Allows GigaVUE V Series Nodes to communicate the traffic health updates with GigaVUE‑FM