Comment on page
Network Requirements
Needed Requirements for your SWARM Perception Box
- IPv4 is required (IPv6 is not supported)
- A private IP4 address is okay. A public routable IP4 address is not required.
- Make sure the MTU size is at least 1500 bytes.
- At least 1Mbit/s down/up
The P101/OP101/VPX Agent need to connect to the SWARM Control Center, which is hosted in the Microsoft Azure Cloud. This requires the following outgoing ports to be open in your firewall. Incoming ports are not required to be open.
Port | Protocol | Direction |
---|---|---|
80 | IPv4 - TCP/UDP | Outgoing |
123 | IPv4 - UDP | Outgoing |
443 | IPv4 - TCP/UDP | Outgoing |
1194 | IPv4 - UDP | Outgoing |
8883 | IPv4 - TCP | Outgoing |
5671 | IPv4 - TCP | Outgoing |
Typically, the camera video stream is accessed through port 554 (TCP/UDP)
If you are using your own MQTT broker, make sure to allow the required ports.
Connect your PC to the network the Perception Box is connected to.
Make sure IP4 is supported
ping4 google.com
Make sure the DNS is able to resolve *.azure-devices.net, *.azure-devices-provisioning.net.
swarm@:~$ dig +short global.azure-devices-provisioning.net
id-prod-global-endpoint.trafficmanager.net.
idsu-prod-mrs-001-su.francesouth.cloudapp.azure.com.
40.79.180.98
Make sure that all above listed outgoing ports are open.
swarm@:~$ curl portquiz.net:8883
Port 8883 test successful!
Your IP: 127.0.0.1
Make sure the TLS certificate is valid (and not inspected). Watch out for
Verification: OK
.swarm@:~$ openssl s_client -connect global.azure-devices-provisioning.net:443
CONNECTED(00000005)
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=1 C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 02
verify return:1
depth=0 CN = *.azure-devices-provisioning.net
verify return:1
---
Certificate chain
0 s:CN = *.azure-devices-provisioning.net
i:C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 02
1 s:C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 02
i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIIWTCCBkGgAwIBAgITfwATMr0tZ+TbqzQUkQAAABMyvTANBgkqhkiG9w0BAQsF
ADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
<<SNIP>>
/5bEzS0RghacUpAj47GmEtrpMGnjW+NpzowkjsR4HE2T54ItSlafD/4Am1Fbx/oE
/o14IXIGOpM+TlGPEifj+7cgIA7GESAgi8J3CaI=
-----END CERTIFICATE-----
subject=CN = *.azure-devices-provisioning.net
issuer=C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 02
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Shared Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4003 bytes and written 444 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 36070000994141FEF9A6DA8FFE8AEBAE8609332DED4B5B69AC05BF44FE3667B8
Session-ID-ctx:
Master-Key: 1D2580A0EECFF340F4A7DA46BC6B88D25309C78EFF35B736A2882745E010778D6EB29B45A1C7F62ADDF1AB6D2937EA9D
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1626709603
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---