Network Requirements

Firewall, proxy, and connectivity requirements for Vrex

This guide covers the network configuration needed to run Vrex in enterprise environments.

Overview

Vrex requires HTTPS connectivity to several cloud services. Most corporate networks work without changes, but environments with strict firewalls, SSL inspection, or proxy servers may need configuration.

Required Domains

Allow outbound HTTPS (port 443) to these domains:

Core Services

Streaming (Quest VR)

Updates

Proxy Configuration

WinHTTP vs Browser Proxy

Vrex uses WinHTTP for network requests, not browser proxy settings.

To configure the system proxy:

netsh winhttp set proxy proxy-server="http=proxy.company.com:8080"

To verify current settings:

netsh winhttp show proxy

SSL Inspection

If your proxy performs SSL inspection, ensure:

1. The proxy’s root certificate is in the Windows certificate store
2. Certificate revocation checks (CRL/OCSP) are not blocked
3. The proxy doesn’t modify response headers for Vrex domains

Certificate Revocation

Vrex validates certificates via CRL and OCSP. If revocation checks fail, connections will be rejected.

Common issues:

• CRL endpoints blocked by firewall
• OCSP responders unreachable
• Proxy interfering with revocation checks

Solution: Allow access to certificate authority endpoints (typically *.digicert.com, *.sectigo.com, etc.)

Testing Connectivity

Run the diagnostic PowerShell script to verify all endpoints are reachable:

$urls = @(
    "https://api.vrex.no",
    "https://cdn.vrex.no",
    "https://auth.vrex.no"
)

foreach ($url in $urls) {
    try {
        $response = Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 10
        Write-Host "OK: $url ($($response.StatusCode))" -ForegroundColor Green
    } catch {
        Write-Host "FAIL: $url ($($_.Exception.Message))" -ForegroundColor Red
    }
}

Troubleshooting