Problem: Versa Director is unable to communicate with CPEs when Versa headend is hosted on Microsoft Azure.
Solution:
Configure access control list (ACL) in Azure firewall to allow communication through these ports:
| Protocol/Port | Purpose |
| 4790/UDP | VXLAN communication between FlexVNF, branch, and controller. |
| 500,4500/UDP | IKE/IPsec protocol. |
| 2022/TCP | NetCONF from Versa Director to Versa FlexVNF. |
| 3000-3002/TCP | High Availability (HA) between FlexVNF instances if HA nodes exist and are configured. |
| IP protocol 50 | Encapsulating Security Payload (ESP) |
| 8443/TCP | REST port to fetch operational information from Versa FlexVNF |
| 22/TCP SSH Port |