Network Access Requirements

In order for Velostrata to function properly, you will need to make sure your network, firewall, and VPN are all configured properly. Here is a table that explains the network access requirements that must be configured:

Source Destination Scope Optional? Protocol Port
Velostrata Virtual Appliance on vSphere
vCenter Server Corp LAN - HTTPS TCP/443

Velostrata Telemetry Service
(optional)
Corp LAN Yes HTTPS TCP/443

vSphere ESXi Corp LAN - VMW NBD
TCP/902

Corp DNS Server
Corp LAN
- DNS
TCP/UDP/53

GCP/AWS/Azure API Endpoint
Corp Internet
- HTTPS
TCP/443

Velostrata Virtual Appliance in GCP/AWS/Azure
VPN
- TLS
TCP/9111

Workload Subnet in GCP/AWS/Azure – console probe
VPN
Yes
RDP
TCP/3389


VPN Yes
SSH
TCP/22
vCenter Server
Velostrata Virtual Appliance on vSphere
Corp LAN
- HTTPS TCP/443
Velostrata Edge Network Tags (GCP)

[Security Group (Azure/AWS)]

GCP Storage

[AWS S3
Endpoint/Azure Storage]

AWS/Azure/GCP Internet
- HTTPS
TCP/443

Velostrata Telemetry Service
(optional)
AWS/Azure/GCP Internet
Yes
HTTP or HTTPS
TCP/443

Workload Network Tags (GCP)

[Workload Security Group (Azure/AWS)]

Edge Network Tags in GCP

[Velostrata Security Group in AWS/Azure]

AWS VPC/AZURE VNET/GCP VPC
- iSCSI
TCP/3260



Yes
SYSLOG (for boot phase)
UDP/514 (optional)

Workload dependent
Corporate LAN
Workload dependent
Workload dependent
Workload dependent