URL/IP/Ports used by traps 5

Reply
L2 Linker

URL/IP/Ports used by traps 5

Hello,

 

somebody knows what IP/PORT(s)/ are used by traps v5 to comunicate with the web console?
I just check my syslog events and I found my firewall block two IPs address and one port looking from my lan, my network admin realease my ip for touch the console excluding it from proxy and firewall, thats works but its not the best option.

If somebody know about that, please I'll be thanksful. Please check the event log.

 

<164>Feb 08 2018 11:33:31: %ASA-4-106023: Deny tcp src LAN:192.X.X.106/53273 dst WAN:54.86.11.252/443 by access-group "acl-in-lan" [0x0, 0x0]
<164>Feb 08 2018 11:33:31: %ASA-4-106023: Deny tcp src LAN:192.X.X.106/48652 dst WAN:52.54.109.15/443 by access-group "acl-in-lan" [0x0, 0x0]

 

 

The best regards,

wtobar

Tags (4)
Highlighted
L2 Linker

Re: URL/IP/Ports used by traps 5

Just had a look on my firewall and it only seems to be using port 443 and the URL is <customer>.traps.paloaltonetworks.com. The IP address corresponds to an AWS address range, so I doubt you will be able to limit it down to a destination range. If you need to limit the destination, its probably only going to be possible via URL.

L1 Bithead

Re: URL/IP/Ports used by traps 5

Select Traps Management Service in apps. Thats all.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!