Required Port List
Below are the port requirements to ensure that your safe can function properly. Please ensure that your network team is made aware prior to the installation of the device(s).
| Service | Direction | Protocol/Port | Description |
|---|---|---|---|
| DHCP | In & Out | 67/UDP, 68/UDP | Devices need DHCP to obtain their IP address on the local network (Currently IPv4 only). |
| DNS | In & Out | 53/UDP | Domain Name Service: Used to resolve hostnames. Default DNS entries are 8.8.8.8 and 8.8.4.4. |
| NTP | In & Out | 123/UDP | Network Time Protocol: Used to obtain the current time of day for validating server certificates and logging. |
| HA Device Message System | Out | 8883/TCP | TLS 1.2 secured connection to message queue service (mutually authenticated). Used for card scans, responses, firmware updates, and config settings. |
| Azure DPS | Out | 8883/TCP | Used for device provisioning (TLS-secured). |
| Azure IOT | Out | 8883/TCP | Used for logging (TLS-secured). |
| OTA Upgrade | Out | 443/TCP | Used for downloading over-the-air firmware updates (TLS-secured). |
| Activation Server | Out | 443/TCP | Used for initial device activation, including config parameters and x.509 certificate signing. |