https://community.splunk.com/t5/Security/firewall-ports/m-p/273794#M7397 <P>The forwarders (client) initiates the connection to deployment-server. This normally uses management-port (default is 8089) of dep-server. Using the same connection, deployment-server will push the apps/packages to the client. </P> <P>For linux systems, <BR /> From forwarders use:</P> <PRE><CODE>ssh -v -p 8089 &lt;deployment-server&gt; </CODE></PRE> <P>Also if the connection is established, you can see the connection info in </P> <PRE><CODE>index=_internal sourcetype=splunkd source="/opt/splunk/var/log/splunk/splunkd.log" ip=&lt;ip_of_forwarder&gt; </CODE></PRE> Thu, 02 Feb 2017 13:34:03 GMT koshyk 2017-02-02T13:34:03Z https://community.splunk.com/t5/Security/firewall-ports/m-p/273792#M7395 <P>how to check on FORWARDERS if firewall is opened for the DEPLOYMENT server ? Any command ?</P> <P>Operating system is linux.</P> Thu, 02 Feb 2017 09:23:54 GMT https://community.splunk.com/t5/Security/firewall-ports/m-p/273792#M7395 joydeep741 2017-02-02T09:23:54Z https://community.splunk.com/t5/Security/firewall-ports/m-p/273793#M7396 <P>I'd suggest a simple:</P> <PRE><CODE>telnet depl_srv_fqdn port </CODE></PRE> <P>Standard port is 8089.</P> Thu, 02 Feb 2017 10:20:22 GMT https://community.splunk.com/t5/Security/firewall-ports/m-p/273793#M7396 mirkoneverstops 2017-02-02T10:20:22Z https://community.splunk.com/t5/Security/firewall-ports/m-p/273794#M7397 <P>The forwarders (client) initiates the connection to deployment-server. This normally uses management-port (default is 8089) of dep-server. Using the same connection, deployment-server will push the apps/packages to the client. </P> <P>For linux systems, <BR /> From forwarders use:</P> <PRE><CODE>ssh -v -p 8089 &lt;deployment-server&gt; </CODE></PRE> <P>Also if the connection is established, you can see the connection info in </P> <PRE><CODE>index=_internal sourcetype=splunkd source="/opt/splunk/var/log/splunk/splunkd.log" ip=&lt;ip_of_forwarder&gt; </CODE></PRE> Thu, 02 Feb 2017 13:34:03 GMT https://community.splunk.com/t5/Security/firewall-ports/m-p/273794#M7397 koshyk 2017-02-02T13:34:03Z https://community.splunk.com/t5/Security/firewall-ports/m-p/273795#M7398 <P>Open a terminal:</P> <P>sudo cat /proc/sys/net/ipv4/ip_forward</P> <UL> <LI>0 means disabled</LI> <LI>1 means enabled</LI> <LI>cat means view content of the file</LI> </UL> Fri, 17 Mar 2017 06:21:13 GMT https://community.splunk.com/t5/Security/firewall-ports/m-p/273795#M7398 tricianieva 2017-03-17T06:21:13Z