Firewall Considerations for Telos Connect

Updated 3 weeks ago by Bryan Jones

Scope

This article covers firewall considerations that can affect Telos Connect. This does not cover any firewall in particular but describes the requirements.


Description

Telos Connect (also called Support Link), if enabled, allows secure, encrypted access to logs and config files on a number of Telos products.

Telos Connect is OFF by default on all products. You must enable it for Telos support to be able to assist you with troubleshooting or configuration.


Requirements

As of this writing, Telos Connect uses one of three geographically located servers for redundancy and load balancing as required. Of particular note are the location of the servers.

The servers used are;

  • zip.telos-systems.com - US Virginia data center
  • zip2.telos-systems.com - Amsterdam data center
  • zip3.telos-systems.com - Singapore data center
The currently active data center is the Amsterdam Datacenter. This could change but there are no plans at the moment. This would be important if your Firewall is doing any geo-blocking.

Telos Connect also needs access to secure.telos-systems.com


Ports used

The outbound connection uses HTTPS on port 443.

Telos Connect will attempt to send a UDP message on port 31000. It also uses HTTPS / TCP connections on port 443.

If both of those are blocked, Telos Connect will not work.


Connections

All connections are established outbound. Telos will never attempt to connect to your device.

All connections will be from one of those servers. No additional IP addresses or hostnames need to be accounted for.


Let us know how we can help

If you have further questions on this topic or have ideas about improving this document, please contact us.


How did we do?


TelosHelp (opens in a new tab)

Powered by HelpDocs (opens in a new tab)