How do I set up the Envoy if there is a firewall?
Learn how to configure the Envoy and Envoy-S network settings if there is a firewall enabled at the site
Usually, as a default on broadband routers, all outbound connections are allowed and any restrictions are normally in place for inbound communications.
However, if outbound firewall rules are applied at the site, you must configure a static IP address for the Envoy and add new rules that allow outbound access as follows:
Envoy Firewall Settings:
| Direction | Source | Protocol | Port | Destination |
| OUT | <Envoy IP address> | TCP | 80, 443 | reports.enphaseenergy.com |
| OUT | <Envoy IP address> | UDP | 80 | ping.enphaseenergy.com |
| OUT | <Envoy IP address> | TPC | 443 | home.enphaseenergy.com |
| OUT | <Envoy IP address> | UDP | 123 |
us.pool.ntp.org OR *.europe.pool.ntp.org OR * .oceania.pool.ntp.org |
Envoy-S Firewall Settings:
| Direction | Source | Protocol | Port | Destination |
| OUT | <Envoy IP address> | TCP | 443, 80 | reports.enphaseenergy.com |
| OUT | <Envoy IP address> | TCP | 443, 80 | home.enphaseenergy.com |
| OUT | <Envoy IP address> | UDP, | 80 | ping-udp.enphaseenergy.com |
