Nandhakumar
Participant

Identity Collector issue

Hi,

We have configured 2 IDCs for our Identity Awareness gateway cluster (version R81.10). We have noticed that it shows only one IDC session when we run "pdp connections idc".

I checked from the non-reported IDC; I am able to telnet from the IDC to the security gateway IP address on port 443. I tested the connection from the IDC to the gateway, and all looks good.

When I ran tcpdump, I got continuous logs for one of the IDCs on port 443, but not for the other one. Not sure what the issue would be. Any insight on this would be appreciated.

 

2 Replies
the_rock
Champion

Can you run fw monitor against the non-working one and then compare the output with the working one? That would give us some insight... Also, maybe confirm the routing is valid with the ip r g x.x.x.x (IP address) command.

Nandhakumar
Participant

Routing is in place and both IDCs are in the same VLAN. When I ran the netstat command, I was able to see that connections are established with the connected IDC but not with the other one.

Also, our identity gateway is a cluster, so ideally communication from the IDC to the identity gateway happens on port 443, but what I have observed in netstat is that it shows the connection established with the node IP, and that too on port 5908.

Is any internal NAT happening here? Also, is port 5908 a known port for Check Point IDC and identity gateway communication?

 
