Required Ports
The following URLs and ports must be opened on the machine where IMS is installed.
Component | Source | Destination | Port | Protocol | Direction | Required | Description |
|---|---|---|---|---|---|---|---|
| Identity | IMS Primary & Secondary | IEE Tenant Management | 10800 | HTTPS | Outbound Only | true | Used for authentication and authorization for the Monitoring Service and Hot Reading Query API |
| Ignite | IMS Primary | IMS Secondary | 47500-47600(Discovery) | TCP/IP | Bi-directional | true | Ignite discovery port range is to find the node each other between IMS core services and adapters. This discovery port range is only internal between the IMS core and adapter services. |
| 47100-47200(Comm) | TCP/IP | Bi-directional | true | Ignite communication port range is to find the node each other between IMS core services and adapters. This communication port range is only internal between the IMS core and adapter services. | |||
| AMM Transport | IMS Secondary | AMM | 3009 | HTTPS | Bi-directional | true | To connect to AMM system |
| JMS Transport | JMS | 7243 | SSL | Bi-directional | true | To connect to JMS | |
| AMM Transform | DMS | 7080 | HTTP | Bi-directional | false | To fetch ESN/MAC id mappings in unsecured mode | |
| 7043 | HTTPS | Bi-directional | true | To fetch ESN/MAC id mappings in secured mode | |||
| SOAP Transport | IEE Device Comm | IMS Secondary | 5000 | HTTPS | Bi-directional | true | Host the SOAP Transport in secured mode with Transport level certificate |
| 5001 | HTTP | Bi-directional | true | Host the SOAP Transport in unsecured mode | |||
| 5002 | HTTP | Bi-directional | true | Host the SOAP Transport in secured mode with message level certificate | |||
| Monitoring service | IEE Web UI (Edge Explorer) | IMS Primary & IMS Secondary | 8010 | HTTPS | Bi-directional | true | UI calls Monitoring service to get the metrics |
| DBeaver Tool | DBeaver Tool | IMS Primary & IMS Secondary | 10800-10810 | TCP/IP | Bi-directional | true | Used for connecting Ignite cache by DBeaver tool through IMS Services . Note : its default ignite port for thin client/JDBC/ODBC port. |
| ADS Pipelines
| IMS Primary & Secondary
| itron.visualstudio.com | 443 | HTTPS | Outbound Only | true | To perform installation through ADS release pipeline to the server/Virtual Machine. |
| download.visualstudio.microsoft.com | 443 | HTTPS | Outbound Only | true | To download installer package from blob while performing remote installation through ADS pipeline to the server/virtual machine. | ||
| str1use1ihc1prod.blob.core.windows.net | 443 | HTTPS, TLS | Outbound Only | true | To download installer package from blob while performing remote installation through ADS pipeline to the server/virtual machine. | ||
| vstsagentpackage.azureedge.net | 443 | HTTPS, TLS | Outbound Only | true | To download the ADS Agent that performs the deployment tasks on target machines. Required only for initial install. | ||
| Hot Reading Query API
| IEE Rest API or GRPC client
| Hot Reading Query API
| 9001 | HTTPS, TLS | Outbound Only | true | Host the Hot Reading Query API (GRPC Service) in secured mode with Transport level certificate. |
| 9000 | HTTP2 | Outbound Only | true | Host the Hot Reading Query API (GRPC Service) in Unsecured mode with Http2. | |||
| AMM Portal | IMS Primary & Secondary | AMM | 3010, 6343 | HTTPS | Outbound Only | false | To connect AMM Portal to investigate any issues for troubleshooting. |
Note: IMS also needs connectivity to https://vstsagentpackage.azureedge.net to download the VSTS agent. This is a one-time activity. Once the VSTS agent setup is complete, this connectivity is no longer needed, so it does not need to be added to the required list. It is required only if the installation is performed through the ADS release pipeline.
See also Port Connectivity Verification.