Firewall rules and liveness tests

You may have a firewall located in front of the servers that you want GTM to perform liveness tests on. Your firewall's Access Control Lists (ACLs) must have entries to permit the liveness testing agents to download the test objects. To manage this, the portal's Firewall Rules page lists the IP addresses of all systems that might need to access your servers, indicated by entries that have GTM in the Service column. If you have an ACL, make sure that you enter all of the GTM systems listed in the Firewall Rules page into your ACL.

To optimize cost and performance, new liveness testing agents are sometimes provisioned, liveness testing agents are decommissioned in data centers that are closing or have become too costly, and liveness testing agents are replaced when the hardware has become old or troublesome. As a result, the pool of available liveness testing agents changes from time to time.

Access Firewall rules page

To access the Firewall Rules page, log in to ​Control Center​. From the main menu, select Common Services > Firewall change notifications > Manage Subscriptions, and subscribe to the GTM service.

Subscribe to firewall rules notification

When a new liveness testing agent is placed into service, it is first entered on the Firewall Rules page with an effective date about six weeks in the future. To subscribe to email notifications about added or deleted IP GTM addresses, click Manage Subscriptions on the Firewall Rules Notification. GTM does not begin using a liveness testing agent until its effective date has arrived. Therefore, if you subscribe to email notifications, you have about six weeks to update your ACL.