Triton Cloud Firewall Guidelines
Full Firewall Guide Here
Required Outbound Destinations & Ports
To ensure stable connectivity, please add the following endpoints to your firewall's Allow List.
Note: Only Outbound traffic is required. No inbound port forwarding is necessary for standard operation.
| Destination Address | Ports |
*.tritonsensors.com |
80, 443 |
iot.tritonsensors.com |
80, 443, 8883 |
iot-manage.tritonsensors.com |
80, 443 |
ws-manage.tritonsensors.com |
80, 443 |
iot.us-east-1.amazonaws.com |
80, 443 |
a74q90bfrqebt-ats.iot.us-east-1.amazonaws.com |
80, 443, 8883 |
triton-production-cloud.s3.us-east-1.amazonaws.com |
80, 443 |
https://ws.tritonsensors.com/ |
80, 443 |
Critical Technical Requirements
-
MQTT Traffic (Port 8883): This port is essential for real-time alerts. If Port 8883 is blocked, your sensors may show as "Online" but will fail to send live notifications.
-
SSL/TLS Inspection: Please disable SSL inspection or create an exception for the domains listed above. Deep packet inspection often breaks the secure handshake required for AWS IoT communication.
-
DNS Settings: Triton sensors default to Google’s public DNS (8.8.8.8). Ensure your firewall allows outbound DNS queries to this server, or that your local network is configured to handle these requests.
-
Wildcard Support: If your firewall does not support wildcards (e.g.,
*.tritonsensors.com), you must manually add each specific subdomain listed in the table above.