If you have any type of Application Filtering, Captive Portal or Proxy service that would block outbound access to an OpenVPN application, you must ensure your policy allows from the appliances source IP.
If you have a strict egress policy in your environment you will need to ensure a few things are allowed outbound in order for the appliance to function. Make sure to allow outbound UDP/TCP to the DNS servers being used.
If needed, the current IP address or addresses for the URLs below can be found with the nslookup command. Example: nslookup activate.pondurance.com
The activation API endpoint: activate.pondurance.com tcp/443
This endpoint is used to communicate to the Pondurance cloud in order to receive provisioning instructions. This services communicates over tcp/443.
Egress traffic to link.pondurance.com tcp/11512 (see note below on former port 11013)
Egress traffic to link.pondurance.com tcp/443
Egress traffic to stream.pondurance.com tcp/443
Note: Configurations deployed on or before May 2022 specified egress traffic to link.pondurance.com tcp/11013 instead of or in addition to link.pondurance.com tcp/11512.