
Which firewall ports need to be open for Authentication Manager 8.2.1

Question asked by JUNXIA ZHANG on Jun 6, 2018
Latest reply on Jun 11, 2018 by JUNXIA ZHANG

We are using RSA Authentication Manager 8.2.1 (hardware) for the user. We advise the user to open some firewall ports as follows:

 

| Port Number | Protocol | Services | Description |
|---|---|---|---|
| 22 | TCP | SSH | Secure Shell (SSH) for admin to log in |
| 5500 | TCP | - | Used for authentication |
| 443 | TCP | HTTPS | Used for RSA quick setup; used for administrative user interfaces such as Operations Console and Security Console |
| 5500 | UDP | - | Used for UDP based authentication |
| 5550 | TCP | - | Used for communication with agent for agent auto-registration |
| 7002 | TCP | SSL | Used for communication between primary and replica appliances |
| 7004 | TCP | SSL | Accept requests for Security Console Functions |
| 7072 | TCP | SSL | Accept requests for Operation Console Functions |
| 7022 | TCP | SSL | Used for communication between Authentication Manager primary and replica instances and for communication between replica instances (for replay detection). |
| 1812 | TCP | - | Communication between primary and replica appliances |
| 1813 | TCP | - | Communication between primary and replica appliances |
| 6000 - 6063 | TCP | X Windows | To troubleshoot RSA appliances |
| 2334 | TCP | - | Used for replication of data by the database listener |
| 8443 | TCP | SSL | Used for real-time status messages in Security console, when applying Authentication Manager patches and service packs |
| - | - | Ping | Admin/troubleshoot RSA appliances |
| 123 | NTP | - | To synchronize time between RSA appliances |
| 514 | UDP | - | Sending log entries to remote Syslog server |

 

But the user still got the following firewall logs. So which port/s do we still need to open for the user? We have 3 RSA appliances: one primary and two replicas. According to the user's log, only one replica has this issue.

 

| Agency | Name of offense | Date / Time of offense occurrence (DD-MMM-YYYY) | Log Source | Source IP | Destination IP |
|---|---|---|---|---|---|
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 03:02:34 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 03:40:48 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 04:08:21 | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Fri Jun 01 05:30:20 | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Fri Jun 01 06:15:25 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 06:43:45 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 07:31:34 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 08:09:09 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 08:41:57 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Fri Jun 01 09:24:35 | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Sat Jun 02 16:12:48 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 17:29:13 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 18:21:16 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 19:20:26 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 19:58:09 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 20:53:01 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 21:23:21 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sat Jun 02 23:20:32 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Sun Jun 03 13:54:32 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Mon Jun 04 01:52:09 | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Mon Jun 04 02:54:05 | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Mon Jun 04 13:43:23 | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Jun 5, 2018, 1:49:02 PM | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Jun 6, 2018, 1:45:31 AM | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Jun 6, 2018, 2:34:54 AM | | 172.16.0.245 | Remote (2) |
| | Firewall Session Opened and Firewall Permit | Jun 6, 2018, 3:32:26 AM | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Jun 6, 2018, 6:52:47 AM | | 172.16.0.245 | Remote (2) |
| | Firewall Permit and Firewall Session Opened | Jun 6, 2018, 7:46:44 AM | | 172.16.0.245 | Remote (2) |
