Default outbound firewall rules

All networks in the cluster have the default outbound allow rules, which are specified in the format: <address>:<protocol>:<port>:<description>. These rules are the following:

0.0.0.0:udp:500:IKE

Traffic encryption

0.0.0.0:udp:4500:IKE

Traffic encryption

0.0.0.0:tcp:8888:Admin panel

Used by the cluster API

0.0.0.0:tcp:80:HTTP

Connection to the update repository and the S3 backend when configured to serve HTTP requests

0.0.0.0:tcp:443:HTTPS

Communication with Acronis Cyber Protect Cloud and the S3 services

0.0.0.0:udp:53:DNS

DNS name resolution

0.0.0.0:tcp:53:DNS

DNS name resolution

0.0.0.0:udp:123:NTP

Time syncronization

0.0.0.0:tcp:8443:ABGW registration

Data control for the Acronis Cyber Protect agents and Management server

0.0.0.0:tcp:44445:ABGW Geo-replication

Backup data replication between clusters

0.0.0.0:tcp:9877:Acronis Cyber Protect

Registration with Acronis Cyber Protect Management server in on-premise installations

0.0.0.0:tcp:5900-6079:VM VNC Legacy

Legacy ports for VNC console access to virtual machines

0.0.0.0:udp:4789:VXLAN

Network traffic between virtual machines in private virtual networks

0.0.0.0:tcp:15900-16900:VM VNC

VNC console access to virtual machines in the compute cluster

0.0.0.0:tcp:7050:KA license

Connection to the Key Authentication (KA) licensing server

0.0.0.0:tcp:5224:KA report

Sending reports to the KA server

0.0.0.0:udp:2049:NFS

Data exchange with the NFS access point

0.0.0.0:tcp:2049:NFS

Data exchange with the NFS access point

0.0.0.0:tcp:111:NFS Rpcbind

RPC request mapping from NFS clients to the correct port

0.0.0.0:any:0:Allow all

Allows all outbound traffic