[FRS-425] FusionReactor On-Premise Firewall DNS and Static IP address rules (Fusion Reactor 5.0.x – 7.4.x)

Legacy License Service Migration – Affects Firewall Rules

As part of our ongoing project to improve performance and reduce downtime, the licensing system which serves FusionReactor 5.0.x to 7.4.x has been moved to its own dedicated cluster.

This change means that the IP address used for the load balancers for this service has changed to 18.200.148.71 and 52.208.77.63. These are now static and can be added to your firewall configuration, and replace the old 52.214.198.96 address, which should no longer be used.

DNS Switchover on Monday 28th October
The DNS name api-intergraldata-static.fusionreactor.io will be changed on 28-OCT-2019 to point to the new addresses. At this point, the previous IP address will no longer work.

Introduction

This article applies to FusionReactor On-Premise customers running FusionReactor 5 to 7 only. These customers are identified by their license keys which do not begin with CLOUD-. Some users run FusionReactor behind restricted firewalls which do not allow all outbound connections. In this case, these users may need to add specific firewall rules to allow FusionReactor to communicate with our licensing infrastructure.

PLEASE NOTE THAT THIS TECHNOTE IS VALID IF YOU ARE RUNNING FUSIONREACTOR 5.0.0 – 7.4.3 ONLY

To configure FusionReactor versions 8 and above see: FRS-454

Proxying FusionReactor

If you have a web proxy available, this is the preferred method of allowing FusionReactor to communicate with licensing. Please see FRS-384: Proxying FusionReactor

Using DNS Firewall Rules

FusionReactor licensed with on-premise (non-Cloud) licenses requires access to the following DNS address in order to communicate with our licensing service

  • data.intergraldata.com – port tcp/80 and port tcp/443

This address resolves to one or more IP addresses which are attached to a load-balanced cluster.

Using Static Addresses

If you are unable or unwilling to use the dynamic DNS rules above, we have provided two static IP addresses which can be used for this service.

  • 18.200.148.71 and 52.208.77.63 – port tcp/80 and port tcp/443

After enabling this firewall rule, the following -D option needs to applied to your JVM environment, to instruct FusionReactor use this address for licensing:

-Dfrlicenseservice.protocol=https
-Dfrlicenseservice=api-intergraldata-static.fusionreactor.io

Locked-Down Environments

If you are using a non-standard Java security policy, you may have to add rules to it to allow FusionReactor to connect to these services. The form of these rules is:

permission java.net.SocketPermission “api-intergraldata-static.fusionreactor.io:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “api-intergraldata-static.fusionreactor.io:80”, "connect, accept, resolve”;
permission java.net.SocketPermission “18.200.148.71:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “18.200.148.71:80”, "connect, accept, resolve”;
permission java.net.SocketPermission “52.208.77.63:443”, "connect, accept, resolve”;
permission java.net.SocketPermission “52.208.77.63:80”, "connect, accept, resolve”;

Manual Licensing

Should FusionReactor be completely unable to communicate with our licensing service, you should note the following:

  • FusionReactor will require to be activated by hand using an activation code provided by the software. This must be done from a computer which does have internet access using the FusionReactor Portal. The resulting activation key must be entered back into FusionReactor.
  • The activation key generated is valid for 10 minutes, after this point FusionReactor will reject the key.
  • Your manual activation will be valid until the expiry date of the license in the case of subscription license and forever in the case of a maintenance license.

Upgrading to FusionReactor Cloud

Customers upgrading from FusionReactor On-Premise to FusionReactor Cloud should also read technote FRS-418: FusionReactor Cloud Firewall DNS and Static IP address rules (Fusion Reactor 5.0.x – 7.4.x)


Issue Details

Type Technote
Issue Number FRS-425
Components License + Activation
Resolution Fixed
Last Updated 2019-10-28T13:05:53.317+0000
Fix Version(s) 7.0.0

Comments are closed.