Oracle Cloud Infrastructure Documentation

Can't Add Network Security Group

Troubleshoot issues that prevent you from adding a network security group while working with Security Zones.

Security Zones policy prevents you from creating network security group rules with unsecure UDP or TCT ports. You might see the following error message:

You can't add a network security group with a rule that allows ingress to unsecure ports or IP addresses in the security zone.

If the rule is based on UDP protocol, Security Zones policy disallows the following ports:
  • 11
  • 17-19
  • 49
  • 69
  • 80
  • 82
  • 83-85
  • 389
  • 443
  • 656
  • 8080
If the rule is based on TCP protocol, Security Zones policy disallows the following ports:
  • 11
  • 17-19
  • 21
  • 23-25
  • 43
  • 49
  • 53
  • 70-74
  • 79-81
  • 88
  • 111
  • 123
  • 389
  • 445
  • 500
  • 636
  • 3306
  • 3389
  • 5901
  • 5985
  • 5986
  • 7001
  • 8000
  • 8080
  • 8443
  • 8888