At Jama Software, we do not support the use of firewall programs like firewalld and ufw on the application server, as they can interfere with both KOTS and Traditional instances of Jama Connect. For optimal access management, an airgap configuration is recommended. However, we recognize that some organizations require remote access and must adhere to policies restricting traffic on most ports, making an airgap instance impractical.

Configuration and Responsibility:

Configuring a custom firewall is the host's responsibility and falls outside the scope of support Jama Software can provide. This task, including the management of iptables and firewalld So that you know, rules must be handled independently by your team.

Resources for Assistance: To support you within our limits, we have compiled resources that may assist in replicating firewall rules from your original server to a new application server, saving rules permanently, and understanding standard IP port ranges used by KOTS clusters:

Precautions and Recommendations:

We strongly suggest backing up the application server and database instances before you implement firewall changes. As troubleshooting these configurations is beyond our support scope, having a backup and a rollback plan is crucial.

Also, it is recommended that you disable both the firewall and during the installation and updates of our application to avoid any interference.

After installation, review your system’s active ports using tools such as netstat and adjust your firewall rules to allow remote access to the necessary ports.

Limitations of Our Support: While we offer general guidance and resources, please understand that our support does not extend to external tools not developed by Jama Software, including firewalls.


