What ports need to be kept opened if ZD is behind a firewall?

Summary

This article explains what ports need to be kept opened for ZD to perform its functions if it is setup behind a firewall or a NAT box.

Question

What ports need to be kept opened on my firewall if ZD is setup behind it?

Customer Environment

ZoneDirector managed wireless network. APs are outside the firewall. ZD administration needs to be from outside the company's firewall.

Root Cause

Not everything required is present or done from from behind the firewall.

Resolution

Following ports need to be kept opened on a firewall for ZD to perform its functions:

For administration:
Web GUI access - you need to keep TCP port 443 open. If the administrator doesn't type https in front, the request will come TCP port 80 (http port). In such case, you need to keep port 80 opened as well. After receiving a request on port 80, ZD will redirect the administrator to an https login page (port 443).
SSH - open TCP port 22.

For AP join and management:
Keep UDP ports 12222 and 12223 opened.

For AP upgrades:
APs use FTP for retrieving firmware from ZD and then they will upgrade automatically. Keep TCP port 21 open for this purpose.

Below is the complete list of ports that has to be open.

User-added image

Article Number:
000004485

Updated:
August 18, 2020 03:39 AM (over 3 years ago)

Tags:
Configuration, Installation, Troubleshooting, ZoneDirector

Votes:
9

This article is:
helpful
not helpful

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.