This article applies to FusionReactor Cloud users. Some users run FusionReactor behind restricted firewalls which do not allow all outbound connections. In this case, these users may need to add specific firewall rules to allow FusionReactor to communicate with FusionReactor Cloud.
Customers who are using on-premise solutions which do not connect to FusionReactor Cloud need take no action. If you are using an on-premise version, and are having issues obtaining automatic licensing for your installation, please see FRS-384: Proxying FusionReactor.
In order to communicate with FusionReactor Cloud, each FusionReactor instance attempts to connect to the following services, which are identified by their DNS names:
These services require outgoing firewall rules for FusionReactor to communicate with FusionReactor Cloud. All communications are protected by SSL cyphers.
If possible, the firewall should be configured with the DNS names of these services, since they can change in response to scaling events.
If the IP addresses are required, nslookup can be used to find their current values. Most services will yield two addresses: both must be added.
If you are unable or unwilling to use the dynamic DNS rules above, we have provided a static IP addresses which can be used for all services.
After enabling this firewall rule, the following -D options need to be applied to your JVM environment, to instruct FusionReactor to use the single address:
If you are using a non-standard Java security policy, you may have to add rules to it to allow FusionReactor to connect to these services. The form of these rules is:
permission java.net.SocketPermission “cc-static.fusionreactor.io:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “api-static.fusionreactor.io:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “license-static.fusionreactor.io:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “188.8.131.52:443”, "connect, accept, resolve”;
|Last Updated:||Wednesday 12:12 PM|
|Fixed Version:||6.2.7, 7.0.0|
FRS-225: Securing FusionReactor with HTTPS / SSL
FRS-265: Windows Firewall blocking connections to FRAM
FRS-329: FusionReactor Automatic License Activation
FRS-332: Portal shows incorrect version of FusionReactor in use
FRS-384: Proxying FusionReactor
FRS-425: FusionReactor On-Premise Firewall DNS and Static IP address rules
Comments are closed.