Allowlist domain names for outbound communication
- Last UpdatedSep 02, 2025
- 1 minute read
In instances where your IT department is unable to fully open an outbound port, as described in Understand firewall exception prerequisites, they can instead allowlist the necessary ports for the following specific domains:
Device to Edge Management service communication
|
Domain name |
Port |
Used for |
|---|---|---|
|
edgeiothubprodus.azure-devices.net |
443, 5671 |
Azure IoT Hub access (Port 5671 required for using AMQP) |
|
gsr1edgemoduleacr.azurecr.io |
443 |
Container Registry access |
|
edgemanagement.connect.aveva.com |
443 |
Downloading bootstrap scripts |
|
edgestorageprodus.blob.core.windows.net |
443 |
Downloading application modules |
|
edgestorageprodus.blob.core.windows.net edgemanagement.connect.aveva.com edgestoragestage.blob.core.windows.net stageedgemanagement.capdev-connect.aveva.com |
443 |
Downloading license certificates |
|
online.wonderware.com configurator.online.wonderware.com |
443 |
AVEVA Insight REST APIs |
|
mcr.microsoft.com |
443 |
Downloading Edge Agent/Hub images |
|
raw.githubusercontent.com |
443 |
Deploying and initializing IoT Edge runtime and Edge Security Daemon |
|
packages.microsoft.com |
443 |
Downloading Linux packages |
Browser access to AVEVA Edge Management portal
|
Domain name |
Port |
Used for |
|---|---|---|
|
connect.aveva.com |
443 |
CONNECT Portal |
|
identity.connect.aveva.com signin.connect.aveva.com sso.aveva.com profile.connect.aveva.com |
443 |
Identity Server |
|
edgemanagement.connect.aveva.com |
443 |
AVEVA Edge Management Portal and REST API |
|
api.connect.aveva.com |
443 |
CONNECT REST API |