If the Intra2net System is not used directly on the Internet, but behind a firewall, some connections have to be allowed on it.
![[Hint]](../images/admon/note.png) | Hint |
|---|---|
Intra2net has the right to change the IP addresses behind the DNS names at any time and without prior notice. Only changes to the DNS name will be announced in advance. If your firewall does not accept DNS names and cannot update them regularly, it is advisable to either check the DNS names on a regular basis or to release all connections from the Intra2net system to the corresponding ports. |
Intra2net systems must be able to establish connections (outgoing connections) to the following targets:
| Target | Protocol | Target Port / Packet Type | Function |
|---|---|---|---|
| update.intra2net.com | TCP | 443 (https) | System updates, anti-spam updates, licenses, coordination of antivirus updates |
| avupdate.intra2net.com | TCP | 443 (https) | Antivirus Update Data |
| *.avcloud.intra2net.com | TCP | 443 (https) | Antivirus cloud for real-time scanning of virus checksums |
| avfpc.intra2net.com | TCP | 443 (https) | Antivirus cloud for real-time queries of false positives |
| *.intra2net.pool.ntp.ntp.org or NTP server of choice | TCP and UDP | 123 (ntp) | Time Synchronization |
| support.intra2net.com | TCP | 5000 to 5050 | Manufacturer Remote Maintenance |
| Your DNS Server | TCP and UDP | 53 (dns) | Name Resolution |
| Multiple Servers | TCP | 2703 | Razor Spam Detection |
| Multiple Servers | ICMP | Echo-Request (Ping) | Connection Monitoring |
Other possible services to be activated are email (POP3 and SMTP) as well as HTTP, HTTPS and FTP for the Intra2net system proxy.
If you want to use the services listed below, you must open the corresponding ports for incoming connections from the Internet:
| Protocol | Destination port | Function |
|---|---|---|
| TCP | 443 (https) | Web groupware, Activesync, remote maintenance Note: The port number used for web groupware and remote maintenance can be changed. Activesync works on port 443 only. |
| TCP | 80 (http) | Issuing and renewing certificates via Let's Encrypt |
| TCP | 25 (smtp) | Receive incoming emails via SMTP (MX record points to external IP) |
| TCP | 587 (smtp-submission) | Sending emails by external users |
| TCP | 993 (imaps) | Retrieval of emails and groupware data by external users |
| UDP | 500 and 4500 | Incoming VPN connections |