Requirements
The following settings, services, and software are required to successfully deploy Cisco GMM cloud-based modules including Gateway Management (GMM) and Data Control (DCM).
Gateway requirements
Supported gateways
A supported Cisco gateway that is provisioned for cloud management with Cisco GMM.
Obtain gateways
There are two ways to obtain a Cisco GMM managed gateway.
- Order a new gateway. See How to order for more information.
- Convert an existing non-Cisco gateway to be a GMM managed gateway using the Gateway Provisioning Tool (GPT).
Gateway entitlement
The gateway must also be entitled to use Cisco GMM. This is done by Cisco, and is performed automatically when the gateway is ordered as “cloud managed”.
Gateways that are provisioned by you must be entitled by sending a support request to Cisco GMM.
- In the upper right-hand corner of the browser-based Cisco GMM Cloud Application, click Help > Contact Us.
- Select Add Gateways.
- Enter the gateway serial number(s) and request for entitlement.
- Click Submit.
Cellular and WiFi requirements
For gateways that use cellular or WiFi connections:
- Verify that the device has an Cisco-approved antenna, and that it can receive a signal from the network.
- Cellular connections also require a SIM card and APN provided by your cellular carrier. Ask your cellular provider for assistance.
See the installation guide for your gateway model and the Cisco Industrial Router Antenna Guide for more information
Admin console requirements
Cisco GMM account
Go to Cisco GMM and click Contact Us to request a new account.
Browser requirements
| Browser | Supported version |
|---|---|
| Chrome | Latest |
Note: Use the latest version of a supported web browser to access the admin console.
DHCP and DNS requirements
The network that the gateway connects to for uplink traffic must provide:
- A DHCP address to the device.
- Default route and DNS server information.
Network port and protocol requirements
The following TCP/UDP network ports and IP protocols must be opened on the network firewall to allow the gateways to communicate with Cisco GMM.
When recommend using a Dynamic Domain Name Service (DDNS) firewall, where possible.
Note: These settings are subject to change and may need to be maintained in the future.
TCP/UDP Ports
| Port | Protocol | Destination | Description | Required for GMM module |
|---|---|---|---|---|
| 53 | UDP | IP of assigned DNS Server | GW must have access to DNS resolution service. Domain Name System (DNS) us.ciscokinetic.ioeu.ciscokinetic.io |
GMM |
| 123 | UDP | NTP Server: 129.6.15.30 | Network Time Protocol (NTP) | GMM |
| 500 | UDP | US Cluster: 34.208.182.252 EU Cluster: 34.240.190.128 |
Bidirectional access is required for the Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE) | GMM |
| 4500 | UDP | US Cluster: 34.208.182.252 EU Cluster: 34.240.190.128 |
Bidirectional access is required for IPSec NAT Traversal | GMM |
| 8883 | TCP | US Cluster: Name resolution of us.ciscokinetic.io EU Cluster: Name resolution of eu.ciscokinetic.io The DNS name us.ciscokinetic.io resolves to: 54.71.117.77 34.216.139.206 52.11.218.197 The DNS name eu.ciscokinetic.io resolves to: 52.212.193.126 54.194.175.23 34.252.252.200 |
Secure MQTT (MQTT over TLS) for the data pipeline. Required for Cisco Kinetic DCM only when publishing to the Kinetic cloud. You can use MQTT over Web sockets (TCP 443) instead. |
DCM |
| 443 | TCP | US Cluster: Name resolution of mqtt-us.ciscokinetic.io EU Cluster: Name resolution of mqtt-eu.ciscokinetic.io The DNS name us.ciscokinetic.io resolves to: 54.71.117.77 34.216.139.206 52.11.218.197 The DNS name eu.ciscokinetic.io resolves to: 52.212.193.126 54.194.175.23 34.252.252.200 |
Secure MQTT (MQTT over Web Socket) for the data pipeline. Required for Cisco Kinetic DCM only when publishing to the Kinetic Cloud. Can use MQTT over TLS instead. | DCM |
| 9123 | TCP | US Cluster: Name resolution of us.ciscokinetic.io EU Cluster: Name resolution of eu.ciscokinetic.io The DNS name us.ciscokinetic.io resolves to: 54.71.117.77 34.216.139.206 52.11.218.197 The DNS name eu.ciscokinetic.io resolves to: 52.212.193.126 54.194.175.23 34.252.252.200 |
Call-home registration. Required for all gateways shipped from Cisco November 15, 2018 or earlier, or if the gateway was provisioned using a GPT version 1.91.2.7 or earlier. |
GMM |
| 9124 | TCP | US Cluster: Name resolution of us.ciscokinetic.io EU Cluster: Name resolution of eu.ciscokinetic.io The DNS name us.ciscokinetic.io resolves to: 54.71.117.77 34.216.139.206 52.11.218.197 The DNS name eu.ciscokinetic.io resolves to: 52.212.193.126 54.194.175.23 34.252.252.200 |
Call-home registration. Required for all gateways shipped from Cisco on or after November 16, 2018 or if the gateway was provisioned using GPT version 1.91.2.8 or later. |
GMM |
Remote management requirements
To remotely manage gateways and connected devices, the AnyConnect client 4.3.x or higher must be installed on your Windows or Mac computer.