Subscribe to Lumen Cloud Knowledge BaseIn this article:
- Overview
- Audience
- MSA Network Diagram
- Connectivity and Required Firewall Rules
- Contacting Cloud Application Manager Support
Overview
This article is meant to assist users of Managed Services Anywhere (MSA) in the network architecture and requirements of the MSA solution. This document explains the network requirements of the MSA customer's environment for the purposes of preparation for MSA enablement and post enablement support.
Audience
All Managed Services Anywhere (MSA) customers or those interested in enabling MSA within their Cloud Application Manager Providers.
MSA Network Diagram
Network connections between customer servers, MSA management appliance, and Lumen.
Does not include traffic between other sources, such as for DNS resolution or OS updates.
Connectivity and Required Firewall Rules
Because of the dynamic nature of our endpoints and management appliances, we recommend applying the following stateful rules to subnets hosting MSA management appliances
External Connections from MSA Management Appliance
| Description | Purpose | Protocol | Port | Destination |
|---|---|---|---|---|
| HTTPS | CAM Management | TCP | 443 | 0.0.0.0/0 |
| RabbitMQ | Monitoring | TCP | 5671 | 0.0.0.0/0 |
| ISAKMP | Remote Admin | UDP | 500 | 0.0.0.0/0 |
| IPSEC | Remote Admin | UDP | 4500 | 0.0.0.0/0 |
Internal Connections from MSA Management Appliance
| Description | Purpose | Protocol | Port | Destination |
|---|---|---|---|---|
| SSH | Remote Admin | TCP | 22 | Internal Networks Managed by MSA Management Appliance |
| HTTPS | Monitoring | TCP | 443 | Internal Networks Managed by MSA Management Appliance |
| SMB | Remote Admin | TCP | 445 | Internal Networks Managed by MSA Management Appliance |
| RDP | Remote Admin | TCP | 3389 | Internal Networks Managed by MSA Management Appliance |
| WinRM | Remote Admin | TCP | 5985 | Internal Networks Managed by MSA Management Appliance |
| WinRM | Remote Admin | TCP | 5986 | Internal Networks Managed by MSA Management Appliance |
Internal Connections to MSA Management Appliance
| Description | Purpose | Protocol | Port | Source |
|---|---|---|---|---|
| PING | MSA Registration | ICMP | ALL | Internal Networks Managed by MSA Management Appliance |
Contacting Cloud Application Manager Support
We’re sorry you’re having an issue in Cloud Application Manager. Please review the troubleshooting tips, or contact Cloud Application Manager support with details and screenshots where possible.
