Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
700
Views
5
Helpful
4
Replies

Unknown inbound traffic from 72.163.7.115

marktrigg67
Level 1
Level 1

‎01-15-2020 12:25 PM

Hi can anyone identify what this IP source 72.163.7.115 is that I am seeing inbound on my firewall and hence being denied. The destination IP is the outside global address of my collector. Source port is 8443 whilst destination is random high ports. I can find no refrence to it in any documentation.

 

Thanks

Mark

0 Helpful
4 Replies 4

adias
Cisco Employee
Cisco Employee

‎01-15-2020 01:34 PM - edited ‎01-15-2020 01:39 PM

 

 

The collector has a module that can be allowed to do RMC, typically used so that Services like Partner support can support the BOX, if the CSPC collector you are referring to is just for SNTC service this module is not required. Those connections I believe are heartbeats to verify if connection does exist.

72.163.7.115 cacsoapp-prd-22

ReverseProxy

RMC

 

Using SSH you access the CLI user admin ( not the same authentication as the GUI ) you can enable/disable the Websocket process that do those attempts

 

admin# conf websocket *
-----------------------------
Usage:
admin# conf websocket <action>
Eg:
admin# conf websocket enable
admin# conf websocket disable

marktrigg67
Level 1
Level 1
In response to adias

‎01-20-2020 06:18 AM

Hi Adias,

 

Thanks for the prompt reply. I am assuming then the Cisco CSPC quick start guide from Feb 2018 I'd been handed is incorrect then. In it I had two outbouand addresses to allow through my firewall on 443 these being  72.163.7.113 and 72.163.7.125 whilst inbound for remote management I had concsoweb2prd.cisco.com allowed on TCP 442 which actually maps to 72.163.7.16.

 

Happy to turn off the websocket but still not clear now what addresses need to be open for the collector to reach the portal to register. There will be no remote inbound management.

 

Also from a different post when trying to test connectivity i found reference to the command below however when I try it I received an error no such command.

 

curl --tlsv1.2 https://concsoweb-prd.cisco.com/HeadEndWebAppServlet/ -v -k

I have also fell foul pof the recent issue og the gui upgrade button not working properly so have my collector stuck upgrading to 2.8.1.6 Apply-In -Progress although CLI access still working.

 

If I can confirm i can reach collector i can focus on upgrade.

 

Cheers

 

Mark

 

0 Helpful

adias
Cisco Employee
Cisco Employee
In response to marktrigg67

‎01-20-2020 03:13 PM

 

Well not necessarily the collector (CSPC) itself is multi service and it provide a number of different option in itself. So it depend if the CSPC guide you saw was generic or specific for SNTC,  send me the link and I can review it for you.

0 Helpful

marktrigg67
Level 1
Level 1
In response to adias

‎01-22-2020 02:57 PM

Hi,

 

The guide I had was

 

Cisco CSPC 2.7.x
Quick Start Guide
Feb 2018

 

Also are you able to answer my query regarding a cli command to test connectvity to the portal to prove the firewalls are open correctly. My  collector hung whilst doing the upgrade (started using the GUI button from 2.8.1.4 to 2.8.1.6) and so have asked customer to delete and go back to 2.8.1.4

 

Thanks

 

Mark

0 Helpful
Customers Also Viewed These Support Documents