Introduction
As a rule of thumb, most companies now have firewalls and an IT department that manages the general network. For security reasons, these may limit access to, and communication within, the network. The following configuration therefore has to be in place so that the DIAP device can function in such an environment.
Firewall rules
If you manage firewall rules manually, the following must be configured for the DIAP device to function (remote access is optional):
Name | Communication URL/IP | Port | Communication direction |
---|---|---|---|
Data sync | iot-diapcustomerdemo.azure-devices.net | 8883 * | Outbound TCP |
Update server | 52.164.127.14 ** | 22 (ssh) | Outbound TCP |
Remote access | 13.73.165.91 | 6234 | Outbound TCP |
Rules expanded explanation
Data sync: To be able to send data from the DIAP hardware device to the cloud.
Update server: For Data Intelligence to be able to update the DIAP hardware device.
Remote access: Only needed to allow for remote access through the DIAP hardware device.
* Standard MQTT port.
** The DIAP update server has no domain name registration. Only the static IP is available.
Network Time Protocol
For the DIAP device to be able to synchronize time, an NTP server (or something similar) has to be available on the network. The following is the standard configuration, but can be altered if needed.
Name | Port | Communication direction |
---|---|---|
NTP | 123 | Outbound UDP |
NTP: Network Time Protocol, used to synchronize time down to the millisecond.
Servers used:
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org
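
To confirm that the firewall rules and the NTP rule above are in place, the following check attempts a TCP connection to each endpoint in the table and sends one SNTP query to the first pool server listed. It is an added example, not tooling supplied with DIAP; the function names are this example's own, and the endpoints are copied from the tables on this page.

```python
import socket
import struct

# Endpoints copied from the firewall table on this page.
TCP_RULES = [
    ("Data sync", "iot-diapcustomerdemo.azure-devices.net", 8883),
    ("Update server", "52.164.127.14", 22),
    ("Remote access (optional)", "13.73.165.91", 6234),
]
NTP_SERVER = "0.europe.pool.ntp.org"
NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01

def tcp_reachable(host, port, timeout=5.0):
    """Return (ok, detail); ok is True when the TCP handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True, "connected"
    except socket.gaierror as exc:
        return False, f"DNS lookup failed: {exc}"
    except socket.timeout:
        return False, "timed out (packets are probably dropped on the way)"
    except ConnectionRefusedError:
        return False, "refused (rejected by a firewall or nothing listening)"
    except OSError as exc:
        return False, f"error: {exc}"

def parse_sntp_reply(data):
    """Return the server transmit time in Unix seconds; ValueError if unusable."""
    # Byte 0 low 3 bits = mode (4 is server); byte 1 = stratum (0 is kiss-of-death).
    if len(data) < 48 or data[0] & 0x07 != 4 or data[1] == 0:
        raise ValueError("not a usable NTP server reply")
    secs, frac = struct.unpack("!II", data[40:48])  # transmit timestamp
    return secs - NTP_EPOCH_OFFSET + frac / 2**32

def ntp_reachable(server, timeout=5.0):
    """Send one SNTP client request over UDP 123 and wait for the answer."""
    request = b"\x1b" + 47 * b"\x00"  # LI=0, VN=3, Mode=3 (client)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(request, (server, 123))
            return True, f"server time {parse_sntp_reply(sock.recvfrom(512)[0]):.0f}"
        except (OSError, ValueError) as exc:
            return False, str(exc) or type(exc).__name__

if __name__ == "__main__":
    for name, host, port in TCP_RULES:
        print(name, host, port, *tcp_reachable(host, port))
    print("NTP", NTP_SERVER, 123, *ntp_reachable(NTP_SERVER))
```

Run it from the same network segment and source address range as the DIAP device, since outbound rules are often scoped per source. A completed TCP handshake shows only that the port is open, not that the MQTT or SSH session itself will succeed.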