Imperva Cyber Community

  • 1.  Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-16-2021 05:12
    Hi,

    I need help to understand this behavior of securesphere gateway.

    We want to install a DAM agent on a DB server for database activity monitoring. The relevant ports 443 (bi-directional) and 5555 (unidirectional) are opened on the firewall. The agent is able to communicate with the DAM gateway and is also monitoring the DB.

    But when I try to telnet to the DB server from the DAM gateway on port 443, the connection is refused. How should I understand this?

    Regards
    Chintan
    #DatabaseActivityMonitoring

    ------------------------------
    Chintan Myakal
    Sr.Cybersecurity Analyst
    Mumbai
    ------------------------------


  • 2.  RE: Cannot telnet port 443 from securesphere gateway to the DB server
    Best Answer

    Posted 06-16-2021 05:23
    Edited by John Thompson 01-15-2024 16:57
    Hi Chintan,

    There is one-way communication between Agents and Gateways which is initiated from Agents to Gateways.

    The details are below:

    https://docs.imperva.com/howto/5fefc15c



    ------------------------------
    Cezmi Cal
    technical support engineer
    Barikat Cyber Security
    Ankara
    ------------------------------



  • 3.  RE: Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-16-2021 05:53
    Hi Cezmi,

    As far as I know, port 443 communication is bidirectional, and the agent listener port we are using, 5555, is unidirectional (from agent to gateway).

    Can you please share references, if any?

    Regards

    ------------------------------
    Chintan Myakal
    Sr.Cybersecurity Analyst
    Mumbai
    ------------------------------



  • 4.  RE: Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-16-2021 07:30
    Hi Chintan,

    I already shared the reference in the first post, which is https://docs.imperva.com/howto/5fefc15c

    If you could not access this document page, the screenshot in the first post was taken from the same document.

    ------------------------------
    Cezmi Cal
    technical support engineer
    Barikat Cyber Security
    Ankara
    ------------------------------



  • 5.  RE: Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-16-2021 16:27
    I could not reach the link.

    The administration guide has a list of the ports that need to be opened.
    https://docs.imperva.com/bundle/v14.4-dam-administration-guide/page/9039.htm 

    Typically port 443 is not open from the DB server to the gateway, and the agent will communicate on port 5555 or another port if you have changed the default.



  • 6.  RE: Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-21-2021 12:06
    As shown in the picture, the communication is unidirectional: from the agent to the gateway. Not the other way around. So it is logical that the server does not listen on port 443.

    ------------------------------
    George Gkiouzelis
    System & Network Security Engineer
    Nicosia
    ------------------------------



  • 7.  RE: Cannot telnet port 443 from securesphere gateway to the DB server

    Posted 06-21-2021 12:06
    Hi Chintan,

    I have run into this problem before as well. I agree that if you are getting a connection refused error (versus a timeout error), it doesn't sound like a firewall issue. It does not seem like an issue with your Imperva configuration either. I would try this same test from another machine, other than your gateway, to see if you can ssh to the DB host okay on port 443. If you can't, it may be that the 443 port isn't listening on the DB host, or more likely that there is a host-based firewall in place preventing you from performing your test.




    ------------------------------
    Gary Olsen
    Security Engineer
    Riverton UT
    ------------------------------
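
The refused-versus-timeout distinction discussed in this thread, as an added example (not code from any poster or from Imperva): a small Python probe that does what the telnet test does and names how the handshake ended. The host and ports are whatever you pass on the command line, the `MEANING` text is a general TCP interpretation, and the loopback demo is constructed so the script also runs offline.

```python
import errno
import socket
import sys

# What each outcome says about the path (general TCP reading, not Imperva output).
MEANING = {
    "open": "handshake completed: a process is listening on that port",
    "refused": "host (or a rejecting firewall) sent a reset: nothing accepts connections there",
    "timeout": "no reply at all: packets are probably dropped by a filter, or the host is down",
    "unreachable": "no route to the host or network",
    "error": "other failure, e.g. name resolution",
}

def classify_connect(host, port, timeout=3.0):
    """Try one TCP handshake to host:port and return a key of MEANING."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error"

def local_demo():
    """Constructed offline check: a loopback listener, then the same port closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = classify_connect("127.0.0.1", port, timeout=2.0)
    srv.close()
    after_close = classify_connect("127.0.0.1", port, timeout=2.0)
    return while_listening, after_close

if __name__ == "__main__":
    if len(sys.argv) >= 3:
        # Usage: probe.py <host> <port> [<port> ...]
        for p in sys.argv[2:]:
            result = classify_connect(sys.argv[1], int(p))
            print(f"{sys.argv[1]}:{p} -> {result} ({MEANING[result]})")
    else:
        print(local_demo())
```

Run it in both directions (gateway to DB server, and DB server to gateway) on the ports in question; a "refused" result toward the DB server on 443 matches the agent-initiated design described in the replies above.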