Kron PAM Outbound Ports
Kron PAM services use specific outbound ports to reach endpoints and integrated servers. The ports listed below must be open between Kron PAM and the target servers, and the required firewall rules must be defined in the network configuration.
The Kron PAM Outbound Port Legend table covers all Kron PAM modules. Configure your environment based on the modules that your platform includes.
Service Name | Port Number | Source | Destination | Comments |
LDAP / Active Directory | 389 / TCP, 636 / TCP | Kron PAM Instances | LDAP / Active Directory Server | These ports are used to access the Active Directory server of tenants. |
SMTP | 25 / TCP, 465 / TCP, 587 / TCP | Kron PAM Instances | Mail Server | These ports are used to access the Active Directory server of tenants. |
SIEM | 514 / UDP | Kron PAM Instances | SIEM Server | These ports are used to access the SIEM server of tenants. |
Database Replication | 31417 / TCP | Between Kron PAM Instances (N to N) | Between Kron PAM Instances (N to N) | These ports are used to provide replication between instances. |
Remote Desktop Connection RDP / VNC | 3389 / TCP, 5900 / TCP, and any customized ports | Kron PAM Instances | RDP/VNC supported devices that will be managed by Kron PAM | These ports are used during RDP/VNC connections to the devices. |
Secure Shell SSH | 22 / TCP and any customized ports | Kron PAM Instances | SSH supported devices that will be managed by Kron PAM | These ports are used during SSH connections to the devices. |
File Transfer S/FTP | 22 / TCP, 23 / TCP, and any customized ports | Kron PAM Instances | S/FTP supported devices that will be managed by Kron PAM | These ports are used during S/FTP connections to the devices. |
Web Browsing HTTP/S Proxy | Any port that is needed | Kron PAM Instances | HTTP/S supported devices that will be reached by Kron PAM | These ports are used during HTTP/S connection to the devices. |
RADIUS | 1645 / UDP, 1646 / UDP, 1812 / UDP, 181 / UDP | Kron PAM Instances | RADIUS devices | These ports are used during RADIUS connection to the devices. |
Managed Database/s | Depends on DB providers and ports | Kron PAM Instances | Databases that will be managed by Kron PAM | These ports are used during database connection to the servers. |
You can check whether a port is open by running the following command in the CLI of the Kron PAM Instance. You must be able to connect to target devices over the related port.
Check the port connectivity:
[root@kronpam~]# telnet <target IP Address> <Target Port>
Successful connection example:
The expected output is as below after a successful connection:
[root@kronpam~]# telnet X.X.X.X 22
Trying X.X.X.X ...
Connected to X.X.X.X.
Escape character is '^]'
Failed connection example:
If you observe the output below, check the status of the target device and firewall rules.
[root@kronpam~]# telnet X.X.X.X 22
telnet: connect to address X.X.X.X: Connection timed out
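The manual telnet check above can be run as a batch over every TCP target before go-live. The script below is an added example, not part of the Kron PAM product or documentation. The function names, the `targets.txt` file and the sample addresses are assumptions. It goes slightly beyond the telnet check by separating a timeout (packets dropped or host down, so review firewall rules) from an active refusal (host reached, service not listening).

```shell
#!/usr/bin/env bash
# Added example (not Kron documentation): batch TCP reachability check to run
# on a Kron PAM instance. Only TCP rows of the port table can be tested this
# way; UDP services (SIEM 514, RADIUS) give no connect/refuse signal.

TIMEOUT_SECS=${TIMEOUT_SECS:-3}

# check_tcp HOST PORT
# Prints "open", "timeout" (no answer: packets dropped or host down) or
# "closed" (actively refused, or the name did not resolve).
# Returns 0 only when the TCP handshake completes.
check_tcp() {
    # Host and port are passed as arguments ($0, $1), never spliced into
    # the command string, so a malformed inventory line cannot inject code.
    timeout "$TIMEOUT_SECS" bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$1" "$2" \
        </dev/null 2>/dev/null
    ct_rc=$?
    case $ct_rc in
        0)   echo open ;;
        124) echo timeout ;;
        *)   echo closed ;;
    esac
    return "$ct_rc"
}

# check_targets: reads "label host port" lines on stdin, skips blanks and
# "#" comments, prints one result line per target, returns 1 if any failed.
check_targets() {
    ct_failed=0
    while read -r label host port; do
        case $label in ''|'#'*) continue ;; esac
        status=$(check_tcp "$host" "$port") || ct_failed=1
        printf '%-8s %-12s %s:%s\n' "$status" "$label" "$host" "$port"
    done
    return "$ct_failed"
}

# Stand-alone use: ./portcheck.sh targets.txt
# targets.txt (constructed sample, documentation addresses):
#   ldaps   192.0.2.10 636
#   smtp    192.0.2.20 587
#   ssh     192.0.2.30 22
if [ "$#" -ge 1 ]; then
    check_targets < "$1"
fi
```

A non-zero exit status means at least one target was not reachable, which makes the script usable as a pre-deployment gate.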