What port is being used for incontrol and incontrol2?


#1

Good day:

I need to declare all the traffic for my LAN. I have an AP one that need to be controlled by Incontrol and Incontrol2 (when available) but I dont know whan port the AP uses to communicate to incontrol. I think is TCP 11753 and UDP 11753, but not sure…

If you could add the destination will be great.

AG


#2

Hi,

Below is the ports using by InControl and InControl2:-

InControl

  • Outbound Tcp 80
  • Outbound Tcp 443

InControl2

  • Outbound Udp 5246
  • Outbound Tcp 443

#3

Hi Liew,

By default Which WAN connection it will use to connect with InControl2, because i need to define allow policy in my firewall based on source IP, which will allow Peplink device to communicate to InControl2 server


#4

Peplink should utilize all enabled WAN links that are “up” state for reporting back to InControl2. Hope this clarifies the matters.


#5

Hi Haruki.

Balance equipment use UDP Port 5246 to connect to somewhere in domain peplink.com when trying to connect to Incontrol2.

What server//port use Access Points to connect to Incontrol2?

I want to block all traffic from the lan subnet where the AP is and I’ll like the AP to connect to incontrol2.

AG


#6

I’m afraid to say that we are still in the process of creating a proper mechanism on how Pepwave Access Point (AP) series will access IC2 server. Therefore, we don’t have specific information as of yet. We will keep you updated. Stay tuned. :slight_smile:


#7

Let me update. All Peplink and Pepwave devices connect to the following hosts and ports for IC2 communication.

Hosts: ac1.peplink.com and ac2.peplink.com
UDP Port: 5246

Hosts: .peplink.com (where "" is “ra1-1” and “ra1-2” currently. But the host list will extend in the future.)
TCP Port: 443


#8

And if you want to use remote admin you also need 5246 TCP as well as UDP


#9

We use 3 balance 1350 and 3 710 as speedfusion endpoints (fleet of about 30 HD4’s + additional transit and transit duo’s).
While the WAN is connected to the DMZ firewall the balance routers, internet access is handled by
another router/firewall (it’s a huge network and the FW rules have to be administered in a central system), so I made a static route 0.0.0.0/0 to the LAN GW so all client data is trough.
However at this point the incontrol stops working, because the balance routers try to access the incontrol servers trough the LAN and the F/W stops them (only client subnets have outgoing rights,
the balance lan ip’s don’t)

Forcing an outbound rule (forcing traffic to peplink.com to WAN1) didn’t help either.
The quick and only fix was to allow outbound traffic on ports 443/tcp and 5246/udp
for the LAN IP’s

So stating that the peplink devices choose one of the WAN ports is incorrect!

Best Regards,

Derek


#10

This is due to you configured default route 0.0.0.0/0 to LAN gateway.

Can you share the network diagram?


#11

Is there any inbound ports that we need to be aware as well?


#12

This is the communication direction between device and InControl2

Device —UDP 5246, TCP 443—> InControl2


#13

Thanks @TK_Liew

How about the below @Michael, are these still the updated ones?


#14

You should now refer to this page instead.