SafeConsole OnPrem:

For inbound connections to the SafeConsole server HTTPS (port 443) is used as default although this port is configurable to any port.

To allow devices to connect back to SafeConsole (in order to use features such as remote kill or collect logs over the Internet) it is required to have at least the above mentioned port exposed to the outside world.

SafeConsole Cloud:

For inbound connections the SafeConsole server operates over HTTPS (port 443) and cannot be changed, this port is accessible to the outside world by default.

You must ensure that your workstations are able to access your SafeConsole Cloud server address via the Internet using HTTPS to be able to all communication between your encrypted device and the server, you may need to check any firewall software installed on your workstation to ensure this access is allowed.