(Optional) Configuring Inbound Rules for the Windows Firewall Function

If the Windows firewall function is enabled after the ATIC is installed, all packets sent to the firewall will be discarded. To resolve this problem, you can configure exception port numbers or whitelist IP addresses for the Windows firewall function to allow connection establishment before enabling the ATIC service.

Context

NOTE:
  • If the hardening software package has been installed, the package automatically processes firewall inbound rules. If the package is not installed, manually add firewall inbound rules as described in this section.
  • The port numbers added in the following operations are basic port numbers for ATIC services. If an actually used port is different from the port list in the communication matrix, add the port as an exception.

If the ATIC is deployed in centralized mode, you must configure inbound rules for the Windows firewall function on the ATIC server.

If the ATIC is deployed in distributed mode, you must configure inbound rules for the Windows firewall function on both the ATIC server and collector.

Procedure

  1. Click Control Panel and then Windows Firewall.
  2. Click Advanced settings on the left side.

  3. Select Inbound Rules from the navigation tree and click New Rules....

  4. Select Port and click Next.

  5. Add UDP ports 9110, 9112, 9114, and 514.

  6. Select Allow Connections.

  7. Click Next until the configuration is complete.
  8. Repeat steps 1 to 6 to allow TCP ports 3389, 8080, 443, 4433, and 6514.

    NOTE:
    For the distributed ATIC, you need to configure ports 11098 and 33098 as exceptions on the ATIC server. You also need to configure ports 11099 and 33099 as exceptions on the collector.
    NOTE:

    To configure whitelist IP addresses, choose Rule Type > Custom > All programs, configure IP addresses and ports, and allow access.

    Port rules have a higher priority than whitelist IP address rules. If access to a port is allowed by a port rule, the port is accessible regardless of whether whitelist IP addresses are configured.
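
The same inbound rules can be created from an elevated PowerShell prompt, scoped to whitelist addresses, followed by a check for port rules that would bypass the whitelist as the note above describes. This is an added example, not Huawei's own script: the parameter names, rule display names and the 'ATIC' group are hypothetical, and the distributed-mode ports are assumed to be TCP because the page does not state their protocol.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the GUI procedure (not vendor code).
param(
    # Hypothetical parameter: which host this script runs on.
    [ValidateSet('Centralized', 'DistributedServer', 'Collector')]
    [string]$Role = 'Centralized',
    # Whitelist of remote addresses; 'Any' reproduces a plain port rule.
    [string[]]$RemoteAddress = @('Any'),
    # Assumption: the page gives no protocol for the distributed-mode ports.
    [ValidateSet('TCP', 'UDP')]
    [string]$DistributedProtocol = 'TCP'
)

# Basic ATIC service ports from steps 5 and 8 of the procedure.
$rules = @(
    @{ Name = 'ATIC base UDP'; Protocol = 'UDP'; Ports = 9110, 9112, 9114, 514 }
    @{ Name = 'ATIC base TCP'; Protocol = 'TCP'; Ports = 3389, 8080, 443, 4433, 6514 }
)
# Extra exceptions for distributed deployments.
switch ($Role) {
    'DistributedServer' {
        $rules += @{ Name = 'ATIC server'; Protocol = $DistributedProtocol; Ports = 11098, 33098 }
    }
    'Collector' {
        $rules += @{ Name = 'ATIC collector'; Protocol = $DistributedProtocol; Ports = 11099, 33099 }
    }
}

foreach ($r in $rules) {
    # Idempotent: drop an earlier copy of the rule before recreating it.
    Get-NetFirewallRule -DisplayName $r.Name -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule
    New-NetFirewallRule -DisplayName $r.Name -Group 'ATIC' -Direction Inbound `
        -Action Allow -Protocol $r.Protocol -LocalPort $r.Ports `
        -RemoteAddress $RemoteAddress | Out-Null
}

# Audit: an enabled allow rule that opens one of these ports to any remote
# address makes the whitelist ineffective for that port. Only rules that list
# the port number explicitly are matched (port ranges are not expanded).
$ports = $rules | ForEach-Object { $_.Ports } | ForEach-Object { "$_" }
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True | ForEach-Object {
    $open = @(($_ | Get-NetFirewallPortFilter).LocalPort) | Where-Object { $ports -contains $_ }
    $any  = @(($_ | Get-NetFirewallAddressFilter).RemoteAddress) -contains 'Any'
    if ($open -and $any) {
        [pscustomobject]@{ Rule = $_.DisplayName; Ports = $open -join ',' }
    }
}
```

Any rule listed by the audit step admits traffic to that port from all sources, so either scope it with a remote address list or remove it before relying on the whitelist.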


Copyright © Huawei Technologies Co., Ltd.