Ports used in a multi tenant deployment.
In a multi-tenant deployment, communication is predominantly from the main host server to any additional host servers, and then from the hosts to the tenants. Two-way communication should always be available between the main server and host servers. The main host server and additional host servers communicate using TLS 1.2 over port 443. Requests to the tenants are sent through the hosts (main or other) on port 443. The hosts forward the requests to the tenants, which listen on ports 18501 and higher.
Port 443 is used for communication between the main host server and additional host servers.
In a high availability environment, hosts in the same high availability group communicate with each other over port 443. There is no communication between hosts in different high availability groups.
Main hosts (incoming) | Additional hosts (incoming) | Tenant on main host (incoming) | Tenant on additional host (incoming) | |
---|---|---|---|---|
Main hosts (outgoing) | 443 (in high availability) | 443 | 1850x | 443 |
Additional hosts (outgoing) | 443 (configurable) | 443 (in the same high availability group) | - | 1850x |
Configure unidirectional communication
Unidirectional communication or tunneling in multi-tenant deployments ensures secure, one-way communication from a host server to the main host server (master), preventing any data flow back to the host environment. This enhances security by isolating host networks while still enabling centralized management and monitoring.
For example, you can use unidirectional tunneling to send logs and alerts from a host to the main server without risking exposure of sensitive host networks. This setup ensures secure data transfer while maintaining strict network isolation for compliance and security purposes.
On the main (master) host, navigate to Setting > ABOUT > Troubleshooting > Server Configuration.
Click Add Server Configuration.
Add the Server.UniDirectionalEnable key and set it to
true
.Click Save.
Add the Server.UniDirectionalEnable key on all hosts that want to communicate via the tunnel.