用于防火墙配置的瞻博网络 Mist 防火墙端口和 IP 地址
总结 为确保 Juniper Mist™ 的连接和正常运行,请将防火墙配置为打开所需的防火墙端口,并允许流量进出您所在地区的 Juniper Mist IP 地址。
瞻博网络 Mist 端口和 IP 地址因区域而异。要了解哪个 Juniper Mist 区域适用于您的场景,请参阅 Juniper Mist 云实例。
Mist 云 IP 地址和端口
| 服务类型 | 全球 01 | 全球 02 | 全球 03 | 全球 04 | 欧洲、中东和非洲 01 | 欧洲、中东和非洲 02 | 欧洲、中东和非洲 03 | 亚太地区 01 |
|---|---|---|---|---|---|---|---|---|
| 管理员门户 | manage.mist.com/signin.html (TCP 443) api-ws.mist.com (TCP 443) api.mist.com (TCP 443) |
manage.gc1.mist.com (TCP 443) api-ws.gc1.mist.com (TCP 443) api.gc1.mist.com (TCP 443) |
manage.ac2.mist.com (TCP 443) api-ws.ac2.mist.com (TCP 443) api.ac2.mist.com (TCP 443) |
manage.gc2.mist.com (TCP 443) api-ws.gc2.mist.com (TCP 443) api.gc2.mist.com (TCP 443) |
manage.eu.mist.com (TCP 443) api-ws.eu.mist.com (TCP 443) |
manage.gc3.mist.com (TCP 443) api-ws.gc3.mist.com (TCP 443) |
manage.ac6.mist.com (TCP 443) api-ws.ac6.mist.com (TCP 443) |
manage.ac5.mist.com (TCP 443) api-ws.ac5.mist.com (TCP 443) api.ac5.mist.com (TCP 443) |
| 应用程序接口 | api.mist.com (TCP 443) | api.gc1.mist.com (TCP 443) | api.ac2.mist.com (TCP 443) | api.gc2.mist.com (TCP 443) | api.eu.mist.com (TCP 443) | api.gc3.mist.com (TCP 443) |
api.ac6.mist.com (TCP 443) |
api.ac5.mist.com (TCP 443) |
| 访客 Wi-Fi 门户 | portal.mist.com (TCP 443) | portal.gc1.mist.com (TCP 443) | portal.ac2.mist.com (TCP 443) | portal.gc2.mist.com (TCP 443) | portal.eu.mist.com (TCP 443) | portal.gc3.mist.com (TCP 443) |
portal.ac6.mist.com (TCP 443) |
portal.ac5.mist.com (TCP 443) |
| Webhook 源 IP 地址(静态 IP 地址) | 54.193.71.17 54.215.237.20 |
34.94.226.48/28 (34.94.226.48-34.94.226.63) |
34.231.34.177 54.235.187.11 18.233.33.230 |
34.152.4.85 35.203.21.42 34.152.7.156 |
3.122.172.223 3.121.19.146 3.120.167.1 |
35.234.156.66 |
51.112.15.151 51.112.76.109 51.112.86.222 |
54.206.226.168 13.238.77.6 54.79.134.226 |
| Juniper Mist 支持 | support-portal.mist.com | support-portal.mist.com | support-portal.mist.com | support-portal.mist.com | support-portal.mist.com | support-portal.mist.com | support-portal.mist.com |
support-portal.mist.com |
设备到云的地址和端口
终止符的 IP 地址将更改。使用基于 FQDN 的防火墙规则。
| 设备类型 | 全球 01 | 全球 02 | 全球 03 | 全球 04 | 欧洲、中东和非洲 01 | 欧洲、中东和非洲 02 | 欧洲、中东和非洲 03 | 亚太地区 01 |
|---|---|---|---|---|---|---|---|---|
| 瞻博网络 Mist 接入点和瞻博网络 Mist 边缘 | ep-terminator.mistsys.net (TCP 443) portal.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc1.mist.com (TCP 443) portal.gc1.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac2.mist.com (TCP 443) portal.ac2.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc2.mist.com (TCP 443) portal.gc2.mist.com (TCP443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.eu.mist.com (TCP 443) portal.eu.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc3.mist.com (TCP 443) portal.gc3.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac6.mist.com (TCP 443) portal.ac6.mist.com (TCP 443) redirect.mist.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac5.mist.com (TCP 443) portal.ac5.mist.com (TCP 443) redirect.mist.com (TCP 443) |
| EX 系列交换机 | redirect.juniper.net (TCP 443) jma-terminator.mistsys.net (TCP 443) ztp.mist.com (TCP 443) oc-term.mistsys.net (TCP 2200) |
redirect.juniper.net (TCP 443) jma-terminator.gc1.mist.com ztp.gc1.mist.com (TCP 443) oc-term.gc1.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) jma-terminator.ac2.mist.com ztp.ac2.mist.com (TCP 443) oc-term.ac2.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) jma-terminator.gc2.mist.com ztp.gc2.mist.com (TCP 443) oc-term.gc2.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) jma-terminator.eu.mist.com ztp.eu.mist.com (TCP 443) oc-term.eu.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) ztp.gc3.mist.com (TCP 443) oc-term.gc3.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) jma-terminator.ac6.mist.com (TCP 443) ztp.ac6.mist.com (TCP 443) oc-term.ac6.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
redirect.juniper.net (TCP 443) jma-terminator.ac5.mist.com ztp.ac5.mist.com (TCP 443) oc-term.ac5.mist.com (TCP 2200) cdn.juniper.net (TCP 443) |
| SRX 系列防火墙 | redirect.juniper.net (TCP 443) ztp.mist.com (TCP 443) oc-term.mistsys.net (TCP 2200) srx-log-terminator.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.gc1.mist.com (TCP 443) oc-term.gc1.mist.com (TCP 2200) srx-log-terminator.gc1.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.ac2.mist.com (TCP 443) oc-term.ac2.mist.com (TCP 2200) srx-log-terminator.ac2.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.gc2.mist.com (TCP 443) oc-term.gc2.mist.com (TCP 2200) srx-log-terminator.gc2.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.eu.mist.com (TCP 443) oc-term.eu.mist.com (TCP 2200) srx-log-terminator.eu.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.gc3.mist.com (TCP 443) oc-term.gc3.mist.com (TCP 2200) srx-log-terminator.gc3.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.ac6.mist.com (TCP 443) oc-term.ac6.mist.com (TCP 2200) srx-log-terminator.ac6.mist.com (TCP 6514) |
redirect.juniper.net (TCP 443) ztp.ac5.mist.com (TCP 443) oc-term.ac5.mist.com (TCP 2200) srx-log-terminator.ac5.mist.com (TCP 6514) |
| SSR 系列路由器 | ep-terminator.mistsys.net (TCP 443) portal.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc1.mist.com (TCP 443) portal.gc1.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac2.mist.com (TCP 443) portal.ac2.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc2.mist.com (TCP 443) portal.gc2.mist.com (TCP443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.eu.mist.com (TCP 443) portal.eu.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.gc3.mist.com (TCP 443) portal.gc3.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac6.mist.com (TCP 443) portal.ac6.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
ep-terminator.mistsys.net (TCP 443) ep-terminator.ac5.mist.com (TCP 443) portal.ac5.mist.com (TCP 443) redirect.mist.com (TCP 443) software.128technology.com (TCP 443) rp.cloud.threatseeker.com (TCP 443) |
接入点的其他信息
- AP 需要 TCP 端口 443 才能连接到瞻博网络 Mist 云。或者,您可以使用第 2 层隧道协议 (L2TP) 对此流量进行隧道传输。
- 域名系统 (DNS) 需要 UDP 端口 53 来查找云主机名。但是,DNS 不需要公有 DNS 服务器。
- 动态主机控制协议 (DHCP) 最初需要 UDP 端口 67 和 68。初始设备载入后,您可以根据需要在设备上配置静态 IP。
- 在某些环境中,网络时间协议 (NTP) 可能需要 UDP 端口 123。默认情况下,AP 将尝试从 pool.ntp.org 接收时间。AP 还可以通过 DHCP 选项 42 接收时间。
-
我们还建议打开 UDP 端口 443 和 TCP 端口 80。
-
IP 地址会定期更改,并可能解析为如下内容:ep-terminator-production-839577302.us-west-1.elb.amazonaws.com。
-
支持代理设置,并且使用代理设置(如果可用),但如果没有,AP 仍将尝试连接。
允许的其他主机
- portal.mist.com WiFi 强制网络门户
- manage.mist.com/signin.html 用于 Admin UI 访问权限
- api.mist.com Admin API 访问权限
- api-ws.mist.com 用于管理 websocket API 访问
- 管理员 支持门户访问权限 support-portal.mist.com
有线/WAN 保证的其他信息
这是有线/WAN 保证所需的终止符:radsec.nac.mist.com (TCP 2083)。
终止符的 IP 地址将更改。使用基于 FQDN 的防火墙规则。