Firewalls and proxy servers
Some service and support functions, including Call Home and warranty status, require access to the Internet. If you have firewalls in your network, configure the firewalls to enable XClarity Orchestrator and resource managers to perform these operations. If Lenovo XClarity Orchestrator and resource managers do not have direct access to the Internet, configure them to use a proxy server.
Firewalls
Ensure that the following DNS names and ports are open on the firewall for XClarity Orchestrator and applicable resource managers (Lenovo XClarity Management Hub 2.0, Lenovo XClarity Management Hub, and Lenovo XClarity Administrator), as applicable. Each DNS represents a geographically distributed system with a dynamic IP address.
| DNS name | Ports | Protocols |
|---|---|---|
| Download updates (management-server updates, firmware updates, UpdateXpress System Packs (OS device drivers), and repository packs) | ||
| download.lenovo.com | 443 | https |
| support.lenovo.com | 443 and 80 | https |
| Send service data to Lenovo Support (Call Home) – XClarity Orchestrator only | ||
| soaus.lenovo.com | 443 | https |
esupportwebapi.lenovo.com (XClarity Orchestrator v2.0 and later) rsgw-eservice.motorola.com (XClarity Orchestrator v1.6) supportwebapi.lenovo.com:443/luf.luf-web.prd/BLL/Logupload.ashx (XClarity Orchestrator v1.5 and earlier) | 443 | https |
| Send periodic data to Lenovo – XClarity Orchestrator only | ||
esupportwebapi.lenovo.com (XClarity Orchestrator v2.0 and later) rsgw-eservice.motorola.com (XClarity Orchestrator v1.6) supportwebapi.lenovo.com:443/luf.luf-web.prd/BLL/uploadSnapshot.ashx (XClarity Orchestrator v1.5 and earlier) | 443 | https |
| Retrieve warranty information | ||
| supportapi.lenovo.com | 443 | https |
| Manage network resources through Schneider Electric EcoStruxure IT Expert | ||
| api.ecostruxureit.com | 443 | https |
Proxy server
If XClarity Orchestrator or resource managers do not have direct access to the Internet, ensure that they are configured to use an HTTP proxy server (see Configuring the network).
- Ensure that the proxy server is set up to use basic authentication.
- Ensure that the proxy server is set up as a non-terminating proxy.
- Ensure that the proxy server is set up as a forwarding proxy.
- Ensure that load balancers are configured to keep sessions with one proxy server and not switch between them.