Allow inbound access for direct cloud connectivity

Security Cloud Control connects to the devices that it manages through the cloud connector or through an (SDC).

When you connect Security Cloud Control Firewall Management directly to a device through the cloud connector, allow inbound access on port `443`, or on the port that you have configured for device management, from the IP addresses for your region.

Special Consideration for Connecting an ASA to an SDC

Specifically, for ASA the SDC uses the same secure communications channel used by ASDM.

If the ASA under management is also configured to accept AnyConnect VPN Client connections, the ASDM HTTP server port must be changed to a value of 1024 or higher. Note that this port number will be the same port number used when onboarding the ASA device into Security Cloud Control.

Example ASA Commands

The following examples assume that the ASA outside interface is named 'outside' and an AnyConnect client is configured on the ASA so the ASDM HTTP server is listening on port 8443.

To enable the outside interface, enter these commands:

Asia-Pacific-Japan Region:

• http 54.199.195.111 255.255.255.255 outside

• http 52.199.243.0 255.255.255.255 outside

Australia Region

• http 13.55.73.159 255.255.255.255 outside

• http 13.238.226.118 255.255.255.255 outside

EMEA Region

• http 35.157.12.126 255.255.255.255 outside

• http 35.157.12.15 255.255.255.255 outside

India Region

• http 35.154.115.175 255.255.255.255 outside

• http 13.201.213.99 255.255.255.255 outside

United States Region

• http 52.34.234.2 255.255.255.255 outside

• http 52.36.70.147 255.255.255.255 outside

To enable the ASDM HTTP server port, in the case where AnyConnect VPN Client is in use, enter this command:

http server enable 8443