Below are the known ports that need to be configured as accessible by the Celona infrastructure - Celona access points and Celona Edge - within an existing enterprise network. Note that this list may change over time so make sure to review with every new Celona network installation within your environment.

Celona Access Points themselves require no inbound ports opened.

If NOT using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:

Between Celona CBRS Access Points and Celona Edge

Port

TCP/UDP/IP

Note

132

IP

SCTP

2123

UDP

GTP Control

2152

UDP

GTP Data

443

TCP

Provisioning

If using Celona IPsec, the following inbound ports must be opened to Celona Edge nodes:

Port

TCP/UDP/IP

Note

4500

UDP

Celona IPsec1

500

UDP

Celona IPsec2

Regardless of IPsec settings, Celona Access Points and Celona Edge nodes require outbound HTTPS access to the Celona Orchestrator:

Between Celona Edge and Celona Orchestrator

Port

TCP/UDP/IP

Note

443

TCP

Configuration

Between Celona Access Points and Celona Orchestrator

Port

TCP/UDP/IP

Note

443

TCP

Provisioning

Edge node URL Whitelist (HTTPS 443 unless otherwise noted)

  • sas.goog

  • cso.celona.io (ports 443 and 22)

  • cloudflare.docker.com

  • docker.io

  • grpclb-cso.celona.io

  • psereg-cso.celona.io

  • tp2.celona.io

  • amazonaws.com

  • mongodb.net (TCP port 27017)


To integrate your Celona Edge installation with an existing enterprise L2/L3 network, see this article on Celona's IP domain configuration options.

Did this answer your question?