Contact Us 1-800-596-4880
  1. Homepage
  2. CloudHub 2.0
  3. Extending Your Network to Anypoint Platform
  4. Configuring Private Spaces

  5. Configuring Firewall Rules to Manage Traffic to and from a Private Space

Configuring Firewall Rules to Manage Traffic to and from a Private Space

By default, all traffic to your private space is blocked unless it is explicitly allowed in a firewall rule.

Creating a private space automatically creates these firewall rules:

  • Two rules to allow inbound connections from any host:

    • HTTPS: port 443

    • HTTP: port 80

  • Two rules to allow outbound connections from within your private space to any host:

    • TCP: All ports

    • HTTPS: 443

You can also configure inbound firewall rules that use TCP as the protocol.

To support Anypoint MQ, API Manager, and ObjectStore v2, you must allow outbound traffic on port 443 (HTTPS).

Configure Firewall Rules

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. Click the Firewall rules tab.

  4. Configure default rules for inbound traffic by selecting the Protocol and Source from the drop-down lists:

    Protocol

    Protocol type:

    • HTTP

    • HTTPS

    Source

    Source IP address:

    • Anywhere (0.0.0.0/0)

    • Local private network

      This option is available only if a private network exists in the private space.

    Ports

    Ports for inbound traffic are not configurable:

    • Port 80 is reserved HTTP.

    • Port 443 is reserved for HTTPS.

    • Other ports below 1024 are not allowed. Ports 1024 and above are allowed for plain TCP connections, but not for additional HTTP/HTTPS ingress endpoints.

  5. Configure default rules for outbound traffic by selecting the Protocol and Destination from the drop-down lists:

    Protocol

    Protocol type:

    • All

    • TCP

    • UTP

    • HTTP

    • HTTPS

    Destination

    Destination IP address:

    • Anywhere (0.0.0.0/0)

    • Local private network

      This option is available only if a private network exists in the private space.

    Ports

    Port ranges for outbound traffic are configurable.

  6. Click Add rule to add more rules.

  7. To remove a firewall rule, click the trash can icon (Delete) for the entry.

    Delete icon on the Firewall rules tab

  8. Click Save Changes or Discard changes.

You can’t configure duplicate firewall rules. If you attempt to do so, an error shows prompting you to delete any duplicated firewall rules.