VPN Access for Support
This section explains how to enable Exasol support access to your system using VPN.
To enable support access over VPN, you must configure a site-to-site VPN tunnel. This is an IPsec tunnel with two phases:
- Phase 1: AES 256 / SHA-256 / DH Group 14: MODP 2048; Lifetime: 7800 seconds
- Phase 2: AES 256 / SHA-256 / PFS Group 14: MODP 2048; Lifetime: 3600 seconds
Exasol supports the Internet Key Exchange version 1 (IKEv1) protocol.
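The following is an added example, not part of the Exasol documentation: a Python check that audits a strongSwan-style `ipsec.conf` connection against the Phase 1 and Phase 2 parameters listed above. The use of strongSwan, the connection names and the sample configuration are assumptions constructed for illustration.

```python
import re
# The page's tunnel parameters as strongSwan ipsec.conf keywords (assumed gateway).
# "!" is the strict flag: without it the daemon also offers/accepts its defaults.
REQUIRED = {
    "keyexchange": "ikev1",
    "ike": "aes256-sha256-modp2048!",  # Phase 1: AES 256 / SHA-256 / DH group 14
    "esp": "aes256-sha256-modp2048!",  # Phase 2: AES 256 / SHA-256 / PFS group 14
    "ikelifetime": 7800,               # Phase 1 lifetime, seconds
    "lifetime": 3600,                  # Phase 2 lifetime, seconds
}
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400}
# Constructed sample configuration; connection names are hypothetical.
SAMPLE = """\
conn exasol-support
    keyexchange=ikev1
    ike=aes256-sha256-modp2048!
    esp=aes256-sha256-modp2048!
    ikelifetime=7800s
    lifetime=1h          # same as 3600s
conn drifted
    keyexchange=ikev1
    ike=aes256-sha256-modp1024
    esp=aes256-sha256!   # no DH group, so no PFS
    ikelifetime=8h
"""

def parse_conn(text, name):
    """Return the key=value settings of the 'conn <name>' section."""
    settings, active = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line and not line[0].isspace():      # section header at column 0
            active = line.split() == ["conn", name]
        elif active and "=" in line:
            key, value = line.strip().split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def seconds(value):
    """Convert a time value such as '7800s' or '1h' to seconds (None if invalid)."""
    m = re.fullmatch(r"(\d+)([smhd]?)", value)
    return int(m.group(1)) * UNITS[m.group(2)] if m else None

def audit(text, name):
    """Return the keywords of conn <name> that are missing or deviate from REQUIRED."""
    conn = parse_conn(text, name)
    return [key for key, want in REQUIRED.items()
            if (seconds(conn.get(key, "")) if isinstance(want, int)
                else conn.get(key, "").lower()) != want]
```

`audit(SAMPLE, "exasol-support")` returns an empty list, while `audit(SAMPLE, "drifted")` names each keyword that no longer matches the required proposal or lifetime.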
To enable all maintenance tasks, make the following services/ports accessible on the public IP addresses of the cluster and the LOM (if applicable):
- TCP port 8563 (database access)
- TCP port 20 (SSH access to host)
- TCP port 22 (SSH access to cluster nodes)
- TCP port 443 (HTTPS access to EXAoperation and the LOM web interface)
- ICMP ECHO REQUEST/REPLY (ping)
- UDP port 123 (NTP)
- TCP/UDP port 161 (SNMP monitoring - only required if you use the Exasol monitoring service. For more information, see Create Monitoring Services.)