Configuring the outbound firewall rules

Last Updated: Sep 10, 2020

About this task

When you configure an outbound firewall rule, System Manager can connect only to the destination systems that are in the allowed whitelist. Therefore, when you add the very first outbound firewall rule, ensure that the whitelist includes every destination IP address that System Manager must connect to.

Procedure

  1. Log in to the System Manager command line interface with the CLI user credentials that you created during application deployment.
  2. Do one of the following:
    • To add destination IPv4 addresses, IPv6 addresses, FQDNs, and networks in CIDR notation to the whitelist, type configureOutboundFirewall add -s <destination IPv4/IPv6/FQDN/CIDR IPs>, and press Enter.

      You can add multiple entries with comma-separated values.

      For example, to add the specific entries, type the following:

      configureOutboundFirewall add -s 10.10.10.10,10.10.10.11,test.avaya.com,10.10.10.12/24,2a07:2a42:adc0:19::9:25

    • To add destination IPv4 addresses, IPv6 addresses, FQDNs, and networks in CIDR notation to the whitelist through a file, type configureOutboundFirewall add -f <absolute path of the .txt file>, and press Enter.

      You can add each entry on a separate line in the <nameofthefile>.txt file.

      For example, the format of the file is:

      
      cat /home/location/filename.txt
       10.10.10.10
       10.10.10.11
       2a07:2a42:adc0:19::9:25
       test.avaya.com
       10.10.10.12/24

      For example, to add the entries through the file, type the following:

      configureOutboundFirewall add -f /home/location/filename.txt

    While processing an FQDN, System Manager resolves the FQDN to its IP address, and then adds, removes, or overwrites that IP address in the whitelist.

  3. If the system prompts, type y to continue.

    In the Geographic Redundancy setup, System Manager displays the following message:

    Geographic Redundancy configuration detected. Separate configuration of Outbound Firewall is required on the Primary and Secondary servers. 

    In the Geographic Redundancy setup, if you need to configure the outbound firewall rules, you must add the peer IP addresses on both the primary and secondary System Manager servers.

    System Manager adds the specified IP addresses and FQDNs to the whitelist.
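
Because the first rule limits System Manager to the listed destinations, it is worth checking the entries file before running configureOutboundFirewall add -f. The following pre-check is an added example, not Avaya code: the function names are hypothetical, the sample input is constructed, and how configureOutboundFirewall itself treats malformed lines is not stated on this page.

```python
import ipaddress
import re

# Constructed sample: entries from the page's example file plus two bad lines.
SAMPLE = """\
10.10.10.10
2a07:2a42:adc0:19::9:25
test.avaya.com
10.10.10.12/24
10.10.10.300
10.10.10.10
"""

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def classify(entry):
    """Return (kind, note) for one entry; kind is None when invalid."""
    if "/" in entry:
        try:
            iface = ipaddress.ip_interface(entry)
        except ValueError:
            return None, "not a valid CIDR network"
        net = iface.network
        # Host bits set (as in 10.10.10.12/24): report the network it denotes.
        note = "" if iface.ip == net.network_address else f"denotes network {net}"
        return f"cidr{net.version}", note
    try:
        return f"ipv{ipaddress.ip_address(entry).version}", ""
    except ValueError:
        labels = entry.rstrip(".").split(".")
    # A numeric last label means a mistyped IPv4 address, not a hostname.
    if len(labels) >= 2 and not labels[-1].isdigit() and all(map(_LABEL.match, labels)):
        return "fqdn", "resolved to an IP address when the rule is applied"
    return None, "not an IP address, CIDR network, or FQDN"

def check_whitelist(text):
    """Classify each non-blank line; return (accepted, problems)."""
    accepted, problems, seen = [], [], set()
    for lineno, entry in enumerate(map(str.strip, text.splitlines()), 1):
        if not entry:
            continue
        kind, note = classify(entry)
        if kind is None or entry.lower() in seen:
            problems.append((lineno, entry, note if kind is None else "duplicate entry"))
        else:
            seen.add(entry.lower())
            accepted.append((entry, kind, note))
    return accepted, problems
```

Call check_whitelist() on the contents of the .txt file and correct every line reported in problems before applying the rule.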