Manage Firewall Rules
You can manage firewall rules to open specific ports or port ranges for inbound communication by navigating to System > Network and clicking the Firewall tab.
Notes:
- These firewall rules apply only to IPv4 traffic.
The Firewall pane allows you to do the following:
- Review what ports are being used by Manufacturing Connect Edge system components, applications, and containers.
- Ensure that any DeviceHub drivers and Docker container applications are not running on conflicting ports.
- Open ports and port ranges with appropriate protocol (TCP/UDP) for Docker applications, containers, and DeviceHub drivers.
- Manage and close ports as needed.
You can review any firewall changes in System > Events.
The pane shows a summary of what ports are currently open.
There are some ports that cannot be used for firewall rules because they are reserved for system services.
Review the list of reserved ports.
Reserved Port or Port Range | System Service that Uses Port(s) |
---|---|
21 | FTP |
22 | SSH |
80 | HTTP |
123 | NTP |
389 | LDAP |
443 | Manufacturing Connect API |
636 | LDAP with SSL |
1880 | Manufacturing Connect Edge UI REST endpoint |
2121 | FTP |
4840 | OPC UA |
5353 | mDNS |
5355 | LLMNR |
8081-8199 | REST API endpoints |
9081-9199 | gRPC API endpoints |
8883 | MQTT to Manufacturing Connect |
51280 | Manufacturing Connect Remote Access |
- Navigate to System > Network and click the Firewall tab.
Click Add Rule. The Add Inbound Rule dialog displays.
- Configure the parameters for the firewall rule.
- Port or Port Range: Enter a single port number or a range of port numbers separated by a hyphen (-).
- Protocol: Select TCP (transmission control protocol) or UDP (user datagram protocol).
- Interface: Select eth0 or eth1.
- (Optional) Service Name or Description: Enter a name for the rule.
- Click Add. The new rule displays on the pane.
To manage port rules, click the Action menu for a rule.
- Edit: Update the rule.
- Delete: Remove the rule and close the port or port range.