Restricted Network -> What permissions?
Hello!
We've gotten our company network revamped and now its even more restrictive than before, yay!
So currently we cannot use Normcore, as the requests to the normcore-matcher are being denied.
Are there any other services or urls that we need to make accessible besides the matcher?
Coms with NetDep is always a slog so would like to get it all covered the first time.
Thanks in advance!
3 Replies
Hi @iwannadieonmars. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
Hello! I'd be happy to help you with the network permissions required for Normcore. Based on the information provided in the knowledge sources, here are the firewall rules you need to implement for Normcore to function properly:
According to the Firewalls + Corporate Networks (https://normcore.io/documentation/architecture/firewalls) documentation, you need to allow the following outbound traffic:
1. TCP ports 443 and 3000 from all Normcore Clients to *.normcore.io
2. UDP ports 32,768 - 65,535 from all Normcore Clients with no outbound IP limit
These rules should be applied to outbound traffic, allowing the server to communicate back to the destination port received from the client connection.
In addition to the matcher, you'll also need to ensure access to the clusters and room servers. The Cloud Infrastructure (https://normcore.io/documentation/architecture/cloud) documentation explains that Normcore uses a matcher service, clusters, and room servers for its functionality.
If you need to limit the range of hosts or ports further, you might want to consider Normcore Private (https://normcore.io/normcore-private), which allows for a more customized deployment with a single cloud provider and a specific block of IP addresses.
Make sure to communicate these requirements to your Network Department to ensure all necessary services are accessible for Normcore to function correctly in your corporate environment.
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------
<@318392490975821824> Kapa.ai is still learning and improving, please let me know how I did by reacting below.
Good Bot!