CloudGen Access

These are the network requirements for a secure working installation:

- Internal resources (configured from the CloudGen Access Console) can only communicate with the internal leg of the Envoy Proxy.
- The Envoy proxy has an internal leg and an internet-facing leg.
- The Internet-facing leg needs to expose the configured CloudGen Access Proxy port.
- For High Availability mode (HA), the Envoy Proxy must be placed behind a layer 3 round robin load balancer.

- These are the network requirements for a secure working installation:
   
  - Internal resources (configured from the CloudGen Access Console) can only communicate with the internal leg of the Envoy Proxy.
  - The Envoy proxy has an internal leg and an internet-facing leg.
  - The Internet-facing leg needs to expose the configured CloudGen Access Proxy port.
  - For High Availability mode (HA), the Envoy Proxy must be placed behind a layer 3 round robin load balancer.

All values are assumed to be default values.

Redis Replication is beyond the scope of this document. See <a href="https://redis.io/topics/replication" rel="nofollow noopener noreferrer" target="_blank">Redis Replication</a> on the redis site.

Network

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Component	Description	Direction	Protocol / Port	Mode
Envoy Proxy	Access port	Inbound	Configured in Console	All
Registered resources	Outbound	Configured in Console	All
CloudGen Access Proxy Orchestrator	Outbound	TCP 50051	All
CloudGen Access Proxy Orchestrator	Envoy Proxy Cluster	Inbound	TCP 50051	All
CloudGen Access Console API	Outbound	TCP 443	All
Redis	Outbound	Configured Redis port	HA mode

Requirements

Firewall Configuration

Network Diagrams

Single Mode

High Availability Mode