Local network traffic

The OnTakt server needs outgoing access to each machine control it will read data from. The specific port used for a machine depends on the control type and is usually even configurable on the control. The port should be specified in the machine’s URL in OnTakt.

The OnTakt server needs incoming access from the PCs that will access its web interface on the following ports:

  • 80/tcp – Homepage
  • 8710/tcp – Inspection HTTP
  • 8711/tcp – Inspection HTTPS
  • 8720/tcp – OnTakt

For mDNS discovery, it will need outgoing access on 5353/udp to 224.0.0.251 (IPv4) and/or ff02::fb (IPv6) as well as incoming access on that same port from the PCs that will access its web interface.

Internet traffic

An internet connection is not required to run or use OnTakt. However, it makes applying updates much easier. If you would like to allow the OnTakt server to access the internet but limit what it can connect to, set up a firewall rule that allows outgoing access to only the following hosts:

  • us.archive.ubuntu.com: 80/tcp and 443/tcp
  • central.ontakt.live: 443/tcp
  • pkg.central.ontakt.live: 443/tcp