Network requirements
The qbee-agent is designed to operate securely across diverse network environments, including those behind strict firewalls or restrictive proxies. This document outlines the necessary outbound communication paths required for core services such as configuration management, inventory reporting, metrics, and remote access.
Architecture Overview¶
All communication initiated by the qbee-agent is outbound-only. There is no need to open any inbound ports on your local firewall.
- Protocol: HTTPS/TLS
- Port: 443 (TCP)
- DNS: Devices must be able to resolve the hostnames listed below.
Required Endpoints¶
To ensure full functionality, your firewall must allow outbound traffic to the following endpoints. While we recommend whitelisting by Hostname, IP addresses are provided for legacy environments that do not support DNS-based rules.
Core Device API¶
This endpoint handles configuration management, metrics, logs, and general platform synchronization.
- Hostname: device.app.qbee.io
- Port: TCP/443
- IP addresses:
- 34.255.133.233
- 54.72.39.215
- 99.81.8.44
Remote Access API (Edge)¶
This endpoint facilitates secure remote access and tunneling capabilities.
- Hostname: edge.app.qbee.io
- Port: TCP/443
- IP addresses:
- 3.33.204.188
- 15.197.248.71
Summary Checklist for Administrators¶
| Requirement | Details |
|---|---|
| Outbound Ports | Port 443 (TCP) must be open for all traffic. |
| Inbound Ports | None. No inbound rules are required. |
| DNS Resolution | Agent must be able to resolve *.qbee.io. |
| TLS/Inspection | If using SSL inspection, ensure the qbee-agent can validate the certificate chain. |
IMPORTANT
If your network uses a proxy, ensure the qbee-agent is configured with the appropriate environment variables (HTTPS_PROXY) to reach these endpoints.
If you have any questions about networking setup or encounter connectivity issues, please reach out to support.