Below are the known ports that need to be configured as accessible by the Celona infrastructure - Celona access points and Celona Edge - within an existing enterprise network. Note that this list may change over time so make sure to review with every new Celona network installation within your environment.

Celona Access Points themselves require no inbound ports opened.

If NOT using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:

Between Celona CBRS Access Points and Celona Edge

Port

TCP/UDP/IP

Note

132

IP

SCTP

2123

UDP

GTP Control

2152

UDP

GTP Data

443

TCP

Provisioning

If using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:

Port

TCP/UDP/IP

Note

4500

UDP

Celona IPsec1

500

UDP

Celona IPsec2

Regardless of IPsec settings, Celona Access Points and Celona Edge nodes require outbound HTTPS access to the Celona Orchestrator:

Between Celona Edge and Celona Orchestrator

Port

TCP/UDP/IP

Note

443

TCP

Configuration

Between Celona Access Points and Celona Orchestrator

Port

TCP/UDP/IP

Note

443

TCP

Provisioning

For Edge & AP bringup in environments with restricted firewall please contact Celona Support (support@celona.io). URL allow list for these environments is -

  • sas.goog

  • spectrum-connect.federatedwireless.com

  • cso.celona.io

  • grpclb-cso.celona.io

  • psereg-cso.celona.io

  • tp2.celona.io


Next up, let's activate your Celona subscription licenses within Celona Orchestrator so that you can start configuring your end to end private cellular network. To learn how, see this article on activating Celona subscription licenses.

Did this answer your question?