05-16-2025 07:38 AM
First time in years, getting this failed result to a PCI scan. 86476 Web Server Stopped Responding.
Their tech suggests it has something to do with my PAN WAF/IDS and they have a bunch of IP addresses/ranges that I can whitelist. I find this odd as I've never had to whitelist them before and I've passed many many scans prior to this.
How do I whitelist the Sysnet servers from any sort of WAF when they scan my external IP address?
Or is this some sort of glitch in their scanner.
05-16-2025 05:30 PM
Hi @cenders ,
Thanks for info, I am not sure, what method they are using to scan, if they are scanning the network behind your firewall then you have to open the requested ports to pass through the traffic from firewall.
Second if they are scanning your firewall exposed Public IPs, then you don't need to do anything.
Third if they are scanning firewall itself with logging to firewall then you have to allow the firewall access to there IP's to ssh / https the device for further scanning.
05-20-2025 12:11 PM
It is an external scan, scanning the exposed public IP for any vulnerabilities.
05-20-2025 07:32 PM
Hi @cenders ,
Thanks for info, If public facing IP's are allowed for specific source then you have to add those IP, if you have source any then you don't need to make any config change at your end...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
