// removed jquery ui css and js

Monitor Firewall Rules

MON Ports

Port

Direction

Remote Source

Notes

22

Ingress (optional)

Allowed SSH source IP

For troubleshooting purposes.

4560Ingress
  • CCM or
    CCM_SA_PRIMARY and  CCM_SA_SECONDARY
  • CCO or
    CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY
(Logstash) To collect, process, and push the logs to the CCM and/or CCO.
8881Ingress
  • CCM or
    CCM_SA_PRIMARY and  CCM_SA_SECONDARY
  • CCO or
    CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY
(Elasticsearch) To download logs for the CCM and/or CCO.
8882IngressPublic browser accessTo view the logs in the Kibana console.

8443

 

Ingress/ Egress

  • CCM or
  • CCM_SA or
  • CCM_SA_PRIMARY, CCM_SA_SECONDARY, and CCM_LB

For two-way communication between the CCM and Monitor VMs.

Egress

CCO or CCO_LB

For access to the CCO VM.

  • No labels
© 2017 Cisco Systems