Introduction
This article outlines the firewall exceptions you need to make for Field Effect's sensors and endpoint agents to communicate with Field Effect's services. To verify that your network sensor is functioning correctly, see Validating Network Coverage.
See How Field Effect MDR Works to learn more.
This article covers the following topics:
Requirements: Physical Sensors
All sensors (primary and remote) require outbound access to TCP port 443.
If your organization does not support this requirement, we have instructions that allow you to limit where the sensor can reach out to. Please reach out to support@fieldeffect.com for more on this.
Geo-Location access
If your firewall has any location-based blocking, please ensure that Canada is made an exception, as we are a Canadian-based company.
VPN Blockage
If your firewall blocks either Tailscale or OpenVPN, please allow these as they are used by the server to communicate with Field Effect systems.
Requirements: Self-Hosted Virtual Sensor
During a sensor's initial configuration, the following outbound connections must be allowed:
- TCP/443— HTTPS to the following systems:
- login.tailscale.com
- controlplane.tailscale.com
- derp1-all.tailscale.com
- 192.200.0.0/24
- Allowing outbound UDP traffic is recommended for efficiency but not required.
Requirements: Endpoint Agents
When a new endpoint agent is installed, it connects to the following systems to self‑configure:
epid.fieldeffect.net, TCP/443installlogs.fieldeffect.net, TCP/443
After successful installation, the endpoint communicates with Field Effect's systems over TCP/443:
$hash.mobile.fieldeffect.net
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article