How to set up the firewall for AgentP to connect to Cloud

In this topic, you will learn how to configure your firewall to make sure that the Portnox™ AgentP can communicate with Portnox™ Cloud.

You need to open the following ports on your firewall:

FQDN Protocol Ports Direction Description
mobilecentraal.portnox.com TCP 443, 8081 Outbound Enrollment, settings sync, VPN token
radius.portnox.com TCP 443 Outbound Direct access
devices-ingress-clear-prod-eastus.servicebus.windows.net TCP 80, 443, 5671, 5672 Outbound Data sync
devices-ingress-clear-prod-westeu.servicebus.windows.net TCP 80, 443, 5671, 5672 Outbound Data sync
portnox-centraal-prod.servicebus.windows.net TCP 80, 444, 5671, 5672 Outbound SB for VPN strong factors
portnox-centraal-prod-eastus.servicebus.windows.net TCP 80, 445, 5671, 5672 Outbound SB for VPN strong factors
cloudcentraalstoreprodus.blob.core.windows.net TCP 443 Outbound Data sync
cloudcentraalstoreprod.blob.core.windows.net TCP 443 Outbound Data sync
pnxeusprdclrinstallers.blob.core.windows.net TCP 443 Outbound Data sync
pnxweuprdclrinstallers.blob.core.windows.net TCP 443 Outbound Data sync
pnxweuprdclrpublic.blob.core.windows.net TCP 443 Outbound Data sync
pnxeusprdclrpublic.blob.core.windows.net TCP 443 Outbound Data sync
Note: Since Microsoft services can change their public IP addresses, we recommend not to use static IP addresses, and instead use FQDNs only.