My network is behind a corporate firewall, will AXIS Device Manager Extend still work?
AXIS Device Manager Extend directs all its outgoing connections used for remote management, warranty data, firmware images and device status information to be shown on the aggregated Dashboard via a unified endpoint. This endpoint should be added as a trusted destination to your corporate firewall. The details of this connection are:
• prod.adm.connect.axis.com = 220.127.116.11 and 18.104.22.168
• Some public DNS IP
The URL prod.adm.connect.axis.com is a simple A DNS entry which resolves to IP address 22.214.171.124 or 126.96.36.199. These IP addresses hosts an Application Gateway forwarding the requests further to the appropriate (depending on the incoming request path) backend host. Both the AXIS Device Manager Extend client and the site controller will use the domain name for all requests.
For this to work the network will need to use a public DNS (or e.g. cache the domain name in a local DNS). Therefore, in addition to the Application Gateway IP address some public DNS server IP should also be available (added to the allowlist).
For example: Google’s public DNS available at IPs: 188.8.131.52 and 184.108.40.206 or CloudFlare’s public DNS available at 220.127.116.11.
For Remote Access to site controllers on other subnets than where the client is running, additional firewall configuration is required:
|webRTC (Turn and P2P)||5349, 49152 - 65535||DTLS (UDP and TCP)|