Firewalls on the host must allow TCP/IP connections.
On each host you add to the cloud, the firewall must be configured to allow TCP/IP connections to the TCP/IP, HTTP, and HTTPS ports used by each cloud server installed on the host. Similarly, any firewalls on or between a host that is used to connect to any cloud server must be configured to allow TCP/IP connections to the TCP/IP, HTTP, and HTTPS ports used by the cloud server. Connections fail and the cloud might not operate correctly if firewalls are not configured properly.
If your firewall blocks incoming connections by application, configure your firewall to allow connections to the dbsrv17 executable. Additionally, if your firewall blocks outgoing connections by application, you must configure your firewall to allow outgoing connections from all cloud executables.
When you add a host, you can assign the host a range of cloud server ports for each of the TCP/IP (Command Sequence and TDS), HTTP, and HTTPS protocols. By default, cloud servers that start on the host use ports from these port ranges. You can change the port ranges that are assigned by the cloud to new hosts, as well as the port ranges of a host.