How to set up the firewall for the local TACACS+ instance to connect to Portnox Cloud

In this topic, you will learn how to configure your firewall to make sure that the local TACACS+ instance can communicate with the cloud TACACS+ instances.

You need to open the following ports on your firewall:

FQDN Protocol Ports Direction
tm-tacacs-aahandler-prod.portnox.com TCP 443 Outbound
tacacs-aahandler-aks-clear-prod-eus.portnox.com TCP 443 Outbound
tacacs-aahandler-aks-clear-prod-weu.portnox.com TCP 443 Outbound
tm-tacacs-prod.portnox.com TCP 443 Outbound
tacacs-aks-clear-prod-eus.portnox.com TCP 443 Outbound
tacacs-aks-clear-prod-weu.portnox.com TCP 443 Outbound
tacacs-prod-eastus.servicebus.windows.net TCP 443 Outbound
tacacs-prod-westeu.servicebus.windows.net TCP 443 Outbound
tacacsprodus.blob.core.windows.net TCP 443 Outbound
logs-consolidation-prod-eastus.servicebus.windows.net TCP 443 Outbound
logs-consolidation-prod-westeu.servicebus.windows.net TCP 443 Outbound