All Collections
FAQs and Troubleshooting
Which URLs do I need to make accessible for my sensor to function?
Which URLs do I need to make accessible for my sensor to function?
A list of URLs that need to be allow-listed in order for the sensor to be able to communicate
sabine avatar
Written by sabine
Updated over a week ago

Your sensor communicates with multiple systems to download configuration and upload test results. Below is a list of the minimum URLs which you will need to make accessible in order for the sensor to function correctly. Any additional services which you set up for testing might also need to be allow-listed in order for them to be tested correctly.

This is the primary URL for all sensor communication with our backend systems
https://device-gateway.capenetworks.io

Please note: Do not use SSL decryption for the following URLs:

https://device-gateway.capenetworks.io

The sensor uses one of the following methods to get the correct time:
- NTP using 0.pool.ntp.org
- If NTP is not available, the sensor will get the correct time via HTTP from http://device-gateway.capenetworks.io/ on port 80. The sensor will expect HTTP response code 204 with no content.

If the URL http://device-gateway.capenetworks.io/ is not accessible on port 80, the sensor will get the correct time via HTTPS from https://device-gateway.capenetworks.io/ on port 443.

Note: UXI sensors will attempt to use the internal NTP servers instead of using pool.ntp.org listed in the DHCP lease if specified via DHCP option 42.

Port 80 is required for http://cdn.capenetworks.io/auth

That's how the sensor determines if there is a captive portal/proxy or not.

The following URLs are used by the sensor to test whether it has external connectivity.  If it can't access them then the sensor will report a "No connectivity" issue on the dashboard. No sensitive data is transferred to or from these locations.

Warning: if your network has a Captive Portal, depending on your setup, you probably do NOT want to allowlist the following URLs. This is because the sensor might not be properly redirected to the Captive Portal. Instead, the following URLs should be accessible but result in a Captive Portal redirect response for unauthenticated clients.

http://cdn.capenetworks.io/auth
http://cdn.capenetworks.io/connectivity-check
http://35.241.22.134/auth.html
http://35.241.22.134/connectivity-check
http://captive.apple.com/hotspot-detect.html
http://connectivitycheck.gstatic.com/generate_204

Additional information: https://help.capenetworks.com/en/articles/1966715-my-sensor-cannot-connect

Did this answer your question?