In order for RIA to be able to centrally monitor ecosystems, provide statistics and support to members, we request that security server ports 5500/tcp and 5577/tcp be open to RIA monitoring servers from different environments listed in the table below:
| Type | EE - production | ee-test | ee-dev |
|---|
| Central Server | 213.184.41.178
213.184.41.186
213.184.41.190 | cs1.test.x-tee.ee
cs2.test.x-tee.ee
cs3.test.x-tee.ee | 195.80.109.140
195.80.123.210
195.80.123.213 |
| Central Monitoring Server | 195.80.123.159 | mon.test.x-tee.ee | 195.80.123.169 |
| Management Security Server | 213.184.41.177
213.184.41.185
213.184.41.189 | hs1.test.x-tee.ee
hs2.test.x-tee.ee
hs3.test.x-tee.ee | 195.80.109.139
195.80.123.215
195.80.123.216 |
When managing port access, we strongly recommend that you use a firewall to allow (whitelist) only the addresses of the X-tee Center and your data exchange partners.
The ports that must be open:
- Outbound connection ports (from security server to external network, OUT):
- to Central Servers: TCP 4001, 80
- to Managemener Security Server: TCP 5500, 5577
- Incoming connection ports (from external network to security server, IN):
- from your X-Road data exchange partners: TCP 5500, 5577
- from RIA's Monitoring Server: TCP 5500, 5577
You can find more information about the description of the used ports here and a sample diagram here.
NB!: Please make sure that security server ports 80 and 443 are not open to the outside world!