Kron PAM Outbound Ports

kron pam services use specific outbound ports to access endpoints and to the servers integrated the following port of target servers should be open between kron pam and target servers the required firewall rules must be defined on the network configuration table of kron pam outbound port legend includes all kron pam modules please configure your environment based on the modules that your platform includes service name port number source destination comments ldap / active directory 389 / tcp 636 / tcp kron pam instances ldap / active directory server these ports are used to access the active directory server of tenants smtp 25 / tcp 465 / tcp 587 / tcp kron pam instances mail server these ports are used to access the active directory server of tenants siem 514 / udp kron pam instances siem server these ports are used to access the siem server of tenants database replication 31417 / tcp between kron pam instances (n to n) between kron pam instances (n to n) these ports are used to provide replication between instances remote desktop connection rdp / vnc 3389 / tcp 5900 / tcp and customized ports if there are kron pam instances rdp/vnc supported devices that will be managed by kron pam these ports are used during rdp/vnc connections to the devices secure shell ssh 22 / tcp and customized ports if there are kron pam instances ssh supported devices that will be managed by kron pam these ports are used during ssh connection to the devices file transfer s/ftp 22 / tcp 23 / tcp and customized ports if there are kron pam instances s/ftp supported devices that will be managed by kron pam these ports are used during s/ftp connections to the devices web browsing http/s proxy any port that is needed kron pam instances http/s supported devices that will be reached by kron pam these ports are used during http/s connection to the devices radius 1645 / udp 1646 / udp 1812 / udp 181 / udp kron pam instances radius devices these ports are used during radius connection to the devices managed database/s depends on db providers and ports kron pam instances databases that will be managed by kron pam these ports are used during database connection to the servers you can check whether a port is open by running the following command in the cli of the kron pam instance you must be able to connect to target devices over the related port check the port connectivity \[root\@kronpam ]# telnet \<target ip address> \<target host> successful connection example the expected output is as below after a successful connection \[root\@kronpam ]# telnet x x x x 22 trying x x x x connected to x x x x escape character is ‘^]’ failed connection example if you observe the output below, check the status of the target device and firewall rules \[root\@kronpam ]# telnet x x x x 22 telnet connect to address x x x x x x x x connection timed out