I have a device sitting behind a firewall of a client’s network currently. I requested per this article Peplink Cloud Service Public IP Address List - #6 by sitloongs that ports 5246 TCP/UDP be open for *.peplink.com.
That didn’t resolve the issue and instead we are seeing traffic getting blocked on port 5246 for the following:
Does *.amazonaws.com on port 5246 need to be a required port that I send future clients?
Supposedly “.peplink.com" will do. Device Egress connections from the device will connect to host servers ended with domain name ".peplink.com”. The logs from your screenshot showing the general PTR for amazonAWS public IP addresses since Peplink IC2 is hosted in AWS. This is nothing related to the Egress connections from the device.
I think the main problem here is that we need to understand how the domain access rules work for your firewall ? The firewall domain rules may not fully learned/identified the host servers for “*.peplink.com”, hence the Egress connections from the device is blocked. Are you using CheckPoint firewall (Screenshot given look like CheckPoint UI)? Would you able to further check how CheckPoint domain rules work ?
Thank you for the response. Unfortunately it was on our customers network, this hasn’t been the first time I ran into this. However, it was the first time the customer let me take a peak at their logs. It was CheckPoint I believe. We were able to resolve this for now by adding each of the IP addresses listed in the URL above.
Adding the IP Addresses should be the best solution for this situation. It should be the firewall domain rules that sometimes no able to gather all the IP addresses involved.
