Skip to main content

Hi,

 

i will need to open a support ticket with LP in the near future as the /opt folder does not have enough free space anymore which prevents the 6.11 updates from being applied.

According to the LP documentation following fw rules have to be configured to successfully create a support connection:

reverse.logpoint.dk - 1193/UDP

customer.logpoint.com - 443/TCP

 

My first question:

Are these rules still correct ? reverse.logpoint.dk does not seem to exist anymore. Adding these rules to our firewall would not allow our LogPoint to retrieve a support IP.

 

 

Second question:

I guess that 443/TCP is needed to send some HTTPS traffic back to Logpoint. However, all HTTPS traffic in our network is routed through a forward proxy, and i would like to prevent making an exception for our LPs if it is avoidable. But i can not find any setting in the web-gui allowing me to configure a http proxy on the LogPoint. Is it possible to configure a system wide http proxy via the web-gui or the command line  ? Please mind, we only have command line access for li-admin, not full root privileges.

 

Third question:

I found a CLI tool for establishing a remote connection in the LP docs somewhere, yet for another product (i think it is LP Director), called start-support.

Though undocumented, it seems to work in LP. Can i use it to establish a remote connection (if so, i think exporting the http_proxy variable for li-admin should be sufficient, as the start-support tool will run as user li-admin also), or does it something different ?

 

Regards

   Andre

Hi Andre,

 

Thanks for posting on LogPoint Community ! You are correct, it looks like we have a typo on documentation, I will make sure it is fixed.

 

Let me summarise the requirements to use LogPoint support connection.

You need the following ports/protocol to be open through your firewall for all your LogPoint servers:

  • Port 1193/UDP to reverse.logpoint.com (89.188.79.98) 
  • Port 1193/UDP from reverse.logpoint.com (89.188.79.98)
  • Port 443/TCP to customer.logpoint.com (172.67.190.81) - not mandatory

It is not possible to use a proxy for the vpn connection as it is based on UDP protocol. Regarding the HTTPS connection to cutomer.logpoint.com, it is not mandatory to open this port/destination for the support connection to be established.

You can start and stop the support connection both from the GUI and the CLI interfaces.

The commands format in the CLI interface can be found in the README file from the li-admin user home directory.

 

For your convenience I put the format below:

start-support : "Starts the support connection and keeps the support-port open for specified amount of time.
If the time is not specified then the support-port is opened for 1 hour only."

  Syntax:     start-support <timeout in hours>(optional)
  Examples:

  • Start support connection with 1 hour timeout:      start-support 1
  • Start support connection with no timeout:            start-support infinite

stop-support : "Stops the support connection"
  Syntax:    stop-support

 

I hope you’ll find this answer useful!

 

Kind regards

Jérôme

 


Thanks Jérôme, your answer was what i wanted to know.

 

Andre


Reply