How to Set Firewall Rules
By default we deny all inbound traffic from the Internet to your IP block except for ping (ICMP Echo---used to verify that the host is up). Otherwise, initial access rules are configured based on the customer questionnaire.
Since the new API 0.176 was released, there is no need to open an AppNexus support ticket to make changes to the Access Control List (ACL). You can set and modify Access Control Entries (ACEs) yourself with new parameters in the
manage-vlan CLI tool, which gives you immediate and flexible control. For details on managing your firewall, please see Managing ACLs.
Note that in case you need to open SNMP to your instances/VLANs it's not enough to open 161 port via
manage-vlan, as we need to "make a hole" on our borders as well. Please, open a Support ticket, requesting the task.
List of Standard Ports
For reference, here is a List of Standard Ports.
Port Ranges Enabled Within the Cloud
For reference, here is a list of Enabled Port Ranges.
AppNexus Specific ACLs
If you are specifically interested in allowing the AppNexus Impression Bus to hit your bidders, please use the IP ranges of AppNexus VLANs (subnets) from the below table:
Open Ports For FTP
- Open port 21 only.
- Open a secondary range of ports in addition to port 21.
We recommend configuring ports 40000--41000 in your FTP software. Our equipment is already set up to use the same range, however, it could be reconfigured if there are specific reasons to use a different port range.