Below are the known ports that need to be configured as accessible by the Celona infrastructure - Celona access points and Celona Edge - within an existing enterprise network. Note that this list may change over time so make sure to review with every new Celona network installation within your environment.
Celona Access Points themselves require no inbound ports opened.
If NOT using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:
Between Celona CBRS Access Points and Celona Edge
Port | TCP/UDP/IP | Note |
132 | IP | SCTP |
2123 | UDP | GTP Control |
2152 | UDP | GTP Data |
443 | TCP | Provisioning |
If using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:
Port | TCP/UDP/IP | Note |
4500 | UDP | Celona IPsec1 |
500 | UDP | Celona IPsec2 |
Regardless of IPsec settings, Celona Access Points and Celona Edge nodes require outbound HTTPS access to the Celona Orchestrator:
Between Celona Edge and Celona Orchestrator
Port | TCP/UDP/IP | Note |
443 | TCP | Configuration |
Between Celona Access Points and Celona Orchestrator
Port | TCP/UDP/IP | Note |
443 | TCP | Provisioning |
Edge node URL Whitelist (HTTPS 443 unless otherwise noted)
sas.goog
cso.celona.io (443 and 22)
cloudflare.docker.com
grpclb-cso.celona.io
psereg-cso.celona.io
tp2.celona.io
amazonaws.com
mongodb.net (TCP port 27017)
To integrate your Celona Edge installation with an existing enterprise L2/L3 network, see this article on Celona's IP domain configuration options.