- Print
- DarkLight
- PDF
Communication Ports for VDI & DaaS (EU Region)
- Print
- DarkLight
- PDF
This article covers the communication requirements for deploying ControlUp version 9.0 for VDI & DaaS organizations created in the EU region. Visit these articles to see the communication requirements for:
- Synthetic Monitoring (Scoutbees)
- ControlUp for Physical Endpoints & Apps
- Communication ports for VDI & DaaS for US + rest of the world (non-EU)
9.0 Specific URLs
If you are planning to upgrade to version 9.0, consult this article, which lists additional URLs requiring whitelisting for version 9.0
Outbound Connections
Devices and servers used by ControlUp, providing configuration interface, data aggregration, upload and authorization validation for web UI, access, and other services.
When you use a proxy in your environment, make sure to allowlist and open the ControlUp cloud configuration servers through your proxy.
To verify connectivity from ControlUp products and components, you can use our network tester tool which checks connectivity to all required outbound URLs.
ControlUp ensures that all URLs are protected using TLS to safeguard data during transit. However, for certain URLs, you must also enable SOAP. You can find this information in the Purpose column for the relevant URLs.
From the Real-Time Agent Machine
Mandatory Outbound URLs to use Agent Outbound Communication*
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
ControlUp Agent | cu-agents-cpa.controlup.com | TCP | 443 | HTTPS | |
ControlUp Agent | cu-agents-cpa-eu.controlup.com | TCP | 443 | HTTPS |
Optional ports, to use for Agent Outbound Communication
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
ControlUp Agent | ControlUp Monitor | TCP | 443 | HTTPS | Agent to Monitor communication |
Optional ports, to use Remote Control in the Web UI
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
ControlUp Agent | solve-ws-proxy-eu.controlup.com | TCP | 443 | HTTPS | Remote Control session from the web UI |
ControlUp Agent | IP address: 18.194.198.179 | TCP | 443 | HTTPS | Remote Control session from the web UI |
ControlUp Agent | IP address: 18.159.29.205 | TCP | 443 | HTTPS | Remote Control session from the web UI |
From the Real-Time Console Machine
Mandatory Outbound URLs
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Console | fe1.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Console | fe2.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Console | fe3.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Console | fe4.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Console | rt-app.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Console | rt-app-eu-central-1.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services |
Console | rt-app-eu.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services |
Console | cu-ca-eu.controlup.com | TCP | 443 | HTTPS | Real-Time DX Centralized Auditing services |
Console | cu-ca-eu-central-1.controlup.com | TCP | 443 | HTTPS | Real-Time DX Centralized Auditing services |
Console | cu-services-cpa-eu.controlup.com | TCP | 443 | HTTPS | Google Analytics service, Google Kubernetes service, Events Reporter Kubernetes service, Identity Mangement service, Configuration Kubernetes service, SBA Store service |
Console | cu-services-cpa.controlup.com | TCP | 443 | HTTPS | Outbound security Kubernetes service, Master Broker, Action API notification service, Identity Mangement service, Configuration Kubernetes service, SBA Store Kubernetes service |
Mandatory Ports
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Console | ControlUp Agent | TCP | 40705 | WCF | Incoming TCP / WCF traffic from Console and Monitor cluster to ControlUp Agents |
Console | ControlUp Agent | TCP | 135 - 139 | RPC | Agent deployment from the Console and certain built-in actions such as restarting the Agent |
Console | ControlUp Monitor | TCP | 40706 | WCF | Console ⇔ Monitor and internal Monitor cluster communication |
Console | ControlUp Monitor | TCP | 135 - 139, 445, 49152-65535 | RPC / WMI / SMB | Monitor deployment and upgrades from the Console and certain built-in actions, such as restarting the Agent |
Console | Data Collector | TCP | 40705 | WCF | Console to data collector communication |
Console | Domain Controller | TCP | 389 | LDAP | LDAP communication from the Real-Time Console and ControlUp Monitors with Domain Controllers |
Optional ports, depending on what you want to monitor
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Console | https://* .cloud.com https://*.citrixworkspacesapi.net https:// *.xendesktop.net | TCP | 443 | HTTPS | Communication with Citrix Cloud |
Console | Citrix XenDesktop Controllers | TCP | 80 / 443 | HTTP/S | Communication with XenDesktop Infrastructure |
Console | Citrix XenServer Pool Master/Hosts | TCP | 80 / 443 | HTTP/S | Communication with XenServer Infrastructure (and RRD communications) |
Console | Linux Client | TCP | 22 | SSH | Communications with Linux machines |
Console | NetScalers | TCP | 443 / 80 | HTTP(S) | Depending on what the administrator configured |
Console | Nutanix/AHV | TCP | 9440 | Communication with Nutanix Infrastructure | |
Console | VMware Horizon Connection Server | TCP | 443 | HTTPS | Communication with Horizon Infrastructure |
Console | VMware vCenter Server | TCP | 443 | HTTPS | Communication with vSphere Infrastructure |
From the Real-Time Monitor Machine
Mandatory Outbound URLs
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Monitor | fe1.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Monitor | fe2.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Monitor | fe3.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Monitor | fe4.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Monitor | rt-app.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services, SOAP |
Monitor | rt-app-eu-central-1.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services |
Monitor | rt-app-eu.controlup.com | TCP | 443 | HTTPS | Real-Time DX login services |
Monitor | cu-ca-eu.controlup.com | TCP | 443 | HTTPS | Real-Time DX Centralized Auditing services |
Monitor | cu-ca-eu-central-1.controlup.com | TCP | 443 | HTTPS | Real-Time DX Centralized Auditing services |
Monitor | mp.controlup.com | TCP | 443 | HTTPS / Secure Web Socket | Real-Time DX <> the web UI query engine |
Monitor | monitor-receiver-azure-westeurope-prod.controlup.com/v1/data (Or by IP address: 20.4.63.242) | TCP | 443 | HTTPS | Real-Time DX new data pipeline for reports |
Monitor | s3.eu-central-1.amazonaws.com | TCP | 443 | HTTPS | Real-Time DX / Insights historical data uploads |
Monitor | uploader-eu-central-1.controlup.com | TCP | 443 | HTTPS | Real-Time DX / Insights historical data uploads, SOAP |
Monitor | insights-hec.controlup.com | TCP | 443 | HTTPS | HTTP Event Collector (HEC) Endpoint - telemetry data from ControlUp Monitors |
Monitor | solve.controlup.com | TCP | 443 | HTTPS | Required to use the web UI actions |
Monitor | cu-services-cpa.controlup.com | TCP | 443 | HTTPS | Outbound security Kubernetes service, Master Broker, Action API notification service, Identity Mangement service, Configuration Kubernetes service, SBA Store Kubernetes service |
Monitor | cu-services-cpa-eu.controlup.com | TCP | 443 | HTTPS | Outbound security Kubernetes service, Master Broker, Action API notification service, Identity Mangement service, Configuration Kubernetes service, SBA Store Kubernetes service |
Monitor | cu-services-cpz-eu.controlup.com | TCP | 443 | HTTPS | Schema service, Monitor receiver |
Mandatory Ports
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Monitor | ControlUp Agent | TCP | 135 - 139, 445, 49152-65535 | RPC / WMI / SMB | Agent deployment via the monitor |
Monitor | ControlUp Agent | TCP | 40705 | WCF | Monitor to agent communication |
Monitor | ControlUp Monitor | TCP | 40706 | WCF | Inter-Monitor communication |
Monitor | ControlUp Monitor | TCP | 135 - 139, 445, 49152-65535 | RPC / WMI / SMB | Monitor deployment from the console |
Monitor | Data Collector | TCP | 40705 | WCF | Monitor to data collector communication |
Monitor | Domain Controller | TCP | 389 | LDAP | LDAP communication with Domain Controllers |
Optional ports, depending on what you want to monitor
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Monitor | https://* .cloud.com https://*.citrixworkspacesapi.net https:// *.xendesktop.net | TCP | 443 | HTTPS | Communication with Citrix Cloud |
Monitor | Citrix XenDesktop Controllers | TCP | 80 / 443 | HTTP/S | Communication with XenDesktop Infrastructure |
Monitor | Citrix XenServer Pool Master/Hosts | TCP | 80 / 443 | HTTP/S | Communication with XenServer Infrastructure (and RRD communications) |
Monitor | Linux Client | TCP | 22 | SSH | Communications with Linux machines |
Monitor | NetScalers | TCP | 443 / 80 | HTTP(S) | Depending on what the administrator configured |
Monitor | Nutanix/AHV | TCP | 9440 | Communication with Nutanix Infrastructure | |
Monitor | SMTP Server | TCP | 25 | Email alerts | |
Monitor | VMware Horizon Connection Server | TCP | 443 | HTTPS | Communication with Horizon Infrastructure |
Monitor | VMware vCenter Server | TCP | 443 | HTTPS | Communication with vSphere Infrastructure |
Monitor | solve-ws-proxy-eu.controlup.com* | TCP | 443 | HTTPS | Remote Control session from the web UI |
Monitor | IP address: 18.194.198.179* | TCP | 443 | HTTPS | Remote Control session from the web UI |
Monitor | IP address: 18.159.29.205* | TCP | 443 | HTTPS | Remote Control session from the web UI |
* These URLs are only relevant for ControlUp version 9.0.
From the Real-Time Data Collector Machine
Optional ports, depending on what you want to monitor
Source | DNS | Type | Port | Protocol | Purpose |
---|---|---|---|---|---|
Data Collector | https://* .cloud.com https://*.citrixworkspacesapi.net https:// *.xendesktop.net | TCP | 443 | HTTPS | Communication with Citrix Cloud |
Data Collector | https://management.azure.com | TCP | 443 | HTTPS | Communication with Microsoft Azure |
Data Collector | https://sts.amazonaws.com https://ec2.amazonaws.com | TCP | 443 | HTTPS | Communication with AWS |
Data Collector | Citrix XenDesktop Controllers | TCP | 80 / 443 | HTTP/S | Communication with XenDesktop Infrastructure |
Data Collector | Citrix XenServer Pool Master/Hosts | TCP | 80 / 443 | HTTP/S | Communication with XenServer Infrastructure (and RRD communications) |
Data Collector | Linux Client | TCP | 22 | SSH | Communications with Linux machines |
Data Collector | NetScalers | TCP | 443 / 80 | HTTP(S) | Depending on what the administrator configured |
Data Collector | Nutanix/AHV | TCP | 9440 | Communication with Nutanix Infrastructure | |
Data Collector | VMware Horizon Connection Server | TCP | 443 | HTTPS | Communication with Horizon Infrastructure |
Data Collector | VMware vCenter Server | TCP | 443 | HTTPS | Communication with vSphere Infrastructure |
Required Connection for DEX
You can access the DEX platform via https://app.controlup.com. Make sure that your browser can access this URL.
Required Connection for Real-Time Reports from New Data Pipeline
To enable ControlUp monitors to send data to the new data pipeline for reporting, add the following URL to your allow list:
- https://monitor-receiver-azure-westeurope-prod.controlup.com/v1/data
Or by IP address: 20.4.63.242
(As mentioned in the Monitor table above.)
If you use legacy reports to view historical data, add the following URLs to your allow list:
- https://cu-services-cpa-eu.controlup.com
- https://cu-services-cpz-eu.controlup.com
Synthetic Monitoring
ControlUp for VDI & DaaS includes proactive synthetic testing for your network infrastructure and EUC gateways. Visit Communication requirements for Scoutbees for details.