Versions Compared

Old Version 5

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 6

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Note
titleNote

Infoblox does not support any VPN clients running on the same device along with BloxOne Mobile Endpoint.

...

Before you install BloxOne Endpoint, ensure that you check the following, otherwise endpoint might not function properly:

  • When installing BloxOne Endpoint from an install package, do ensure the install package was downloaded from the correct Organization in the Cloud Services Portal. The install package contains a Customer ID that defines what organization the endpoint will be assigned.
  • It is recommended to not disable or delete any active devices that currently have BloxOne Endpoint installed via the Cloud Services Portal. If the device is removed from the CSP, the client device will not be protected, and the device will not show up on the CSP’s Endpoints page.
  • Your host machine must have enough capacity to run endpoint. On average, endpoint consumes less than 0.5% of CPU and less than 50 MB of memory. Note that these numbers vary based on the host hardware configuration.
  • Your local device is not running any DNS service.
  • If your device is running MAC OS X, ensure that you turn off Internet Sharing.
  • Do not apply any firewall rules to block TCP port 443 due to the following:
    • Endpoint should be able to access the Infoblox geo-based Anycast IP addresses using TCP port 443 as mentioned here
    • Endpoint must be able to access the following using TCP port 443:
      • 52.119.40.100
      • 52.119.41.100
      • 103.80.5.100
      • 103.80.6.100
    • Endpoint must be able to access the following using TCP port 443
      • csp.infoblox.com
      • threatdefense.infoblox.com and its subdomains
    • Endpoint listens on port 53 on the device's 127.0.0.2 loopback address
  • Do not apply any firewall rules to block UDP port 53 due to the following:
    • Endpoint must be able to access 52.119.40.100 and 103.80.5.100 using UDP port 53The UDP port 53 query is used to identify (1) the public IP address of the endpoint and (2) the AWS region to which endpoint is connected.
  • Allow HTTPS traffic to s3.dualstack.us-east-1.amazonaws.com where us-east-1 can change based on the region setting for auto upgrade. You must allow HTTPS traffic to access s3.dualstack.us-east-1.amazonaws.com to automatically upgrade endpoint.
  • If you have a VPN client, ensure that the VPN connection is established in the “Split tunnel” mode for every network protocol (IPv4 or IPv4/IPv6 for dual stack).

...