somebody knows what IP/PORT(s)/ are used by traps v5 to comunicate with the web console?
I just check my syslog events and I found my firewall block two IPs address and one port looking from my lan, my network admin realease my ip for touch the console excluding it from proxy and firewall, thats works but its not the best option.
If somebody know about that, please I'll be thanksful. Please check the event log.
<164>Feb 08 2018 11:33:31: %ASA-4-106023: Deny tcp src LAN:192.X.X.106/53273 dst WAN:126.96.36.199/443 by access-group "acl-in-lan" [0x0, 0x0]
<164>Feb 08 2018 11:33:31: %ASA-4-106023: Deny tcp src LAN:192.X.X.106/48652 dst WAN:188.8.131.52/443 by access-group "acl-in-lan" [0x0, 0x0]
The best regards,
Just had a look on my firewall and it only seems to be using port 443 and the URL is <customer>.traps.paloaltonetworks.com. The IP address corresponds to an AWS address range, so I doubt you will be able to limit it down to a destination range. If you need to limit the destination, its probably only going to be possible via URL.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!