Best Practices, on how to secure CoolMasterNet in the Firewall
As the Cloud IPs can change without any notice, as it’s an automatic service based on device geo-location, load balance and other parameters, we strongly suggest not to lock the CoolRemote cloud IP in the firewall.
What we do suggest is the following:
Lock the CoolMasterNet IP by MAC address in the Firewall/Router (also called DHCP Reservation, or Network Object).
Create FW Rules, via Ports only and lock it to the CoolMasterNet network object.
CoolMasterNet IP to/from Destination ANY ports:
10101 TCP - outbound.
10101 UDP - if your equipment is configured for pinholing then just outgoing otherwise both inbound and outbound.
If your Firewall allows rule creation by FQDN host (DNS (port 53)) it can also be done but due to DNS propagation delays connectivity may occur.
The DNS to be set is app.coolremote.net