Splunk Enterprise

AWS private Network problem

vgolof

Why no access for Answer? Server *.cloud.splunk.com 54.175.240.162:9997 is missing?

We have 2 EC2 instances in OpsWorks.
1. seed1.localdomain in public net 172.17.xx.xx + private net 10.1.0.41
2. mongodb1.localdomain in private net 10.1.0.205

---- seed1 ----

 netstat -anp | grep splu
tcp        0      0 0.0.0.0:8089                0.0.0.0:*                   LISTEN      17542/splunkd
tcp        0      0 10.1.0.41:60272             54.175.240.162:9997         ESTABLISHED 17542/splunkd

 tcpdump

12:38:02.743757 IP 10.1.0.2.domain > 10.1.0.41.41733: 31303 1/0/0 A 54.175.240.162 (75)
12:38:02.744019 IP 10.1.0.41.33566 > 54.175.240.162.palace-6: Flags [S], seq 3286603834, win 26883, options [mss 8961,sackOK,TS val 39239167 ecr 0,nop,wscale 7], length 0
12:38:02.818160 IP 54.175.240.162.palace-6 > 10.1.0.41.33566: Flags [S.], seq 2305285408, ack 3286603835, win 26847, options [mss 8961,sackOK,TS val 168913928 ecr 39239167,nop,wscale 7], length 0
12:38:02.818193 IP 10.1.0.41.33566 > 54.175.240.162.palace-6: Flags [.], ack 1, win 211, options [nop,nop,TS val 39239185 ecr 168913928], length 0
12:38:02.818436 IP 10.1.0.41.33566 > 54.175.240.162.palace-6: Flags [P.], seq 1:297, ack 1, win 211, options [nop,nop,TS val 39239186 ecr 168913928], length 296

---- mongodb1 ----

 netstat -anp | grep splunk
tcp        0      0 0.0.0.0:8089                0.0.0.0:*                   LISTEN      16104/splunkd
tcp        0      1 10.1.0.205:41946            54.175.240.162:9997         SYN_SENT    16104/splunkd

 tcpdump

12:24:53.138224 IP 10.1.0.205.41452 > 54.175.240.162.palace-6: Flags [S], seq 244061703, win 26883, options [mss 8961,sackOK,TS val 39009304 ecr 0,nop,wscale 7], length 0
12:25:08.123068 IP 10.1.0.205.41464 > 54.175.240.162.palace-6: Flags [S], seq 360299705, win 26883, options [mss 8961,sackOK,TS val 39013050 ecr 0,nop,wscale 7], length 0
12:25:09.122201 IP 10.1.0.205.41464 > 54.175.240.162.palace-6: Flags [S], seq 360299705, win 26883, options [mss 8961,sackOK,TS val 39013300 ecr 0,nop,wscale 7], length 0

Security Groups

sg-86ba38e2
Inbound

Type             Protocol  Port range  Source
All TCP          TCP       0 - 65535   54.175.240.162/31
Custom TCP Rule  TCP       8089        sg-bdba38d9
Custom TCP Rule  TCP       8089        0.0.0.0/0

sg-bdba38d9
Inbound

Type             Protocol  Port range  Source
All TCP          TCP       0 - 65535   54.175.240.162/31
Custom TCP Rule  TCP       8089        0.0.0.0/0

vgolof

Fixed:
VPC Dashboard -> SecurityGroups -> NATSecurityGroup
Added Inbound and Outbound
Custom TCP Rule TCP (6) 9997 10.1.0.0/23

Deleted all Custom TCP Rules TCP 8089

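The two captures in the question differ in one way: seed1 gets a SYN-ACK back from 54.175.240.162, while mongodb1 only retransmits its SYN. The Python sketch below performs that check over tcpdump text; it is an added example, not part of the original thread, its sample lines are constructed in the shape of the output above (TCP options trimmed), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: lines shaped like the tcpdump output in the question
# (one flow gets a SYN-ACK, the other only retransmits its SYN).
SAMPLE = """\
12:38:02.744019 IP 10.1.0.41.33566 > 54.175.240.162.palace-6: Flags [S], seq 3286603834, win 26883, length 0
12:38:02.818160 IP 54.175.240.162.palace-6 > 10.1.0.41.33566: Flags [S.], seq 2305285408, ack 3286603835, win 26847, length 0
12:38:02.818193 IP 10.1.0.41.33566 > 54.175.240.162.palace-6: Flags [.], ack 1, win 211, length 0
12:25:08.123068 IP 10.1.0.205.41464 > 54.175.240.162.palace-6: Flags [S], seq 360299705, win 26883, length 0
12:25:09.122201 IP 10.1.0.205.41464 > 54.175.240.162.palace-6: Flags [S], seq 360299705, win 26883, length 0
"""

# timestamp, "IP", src endpoint, dst endpoint, TCP flags in brackets
LINE = re.compile(r"^\S+ IP (\S+) > (\S+): Flags \[([^\]]+)\]")

def classify_handshakes(capture: str) -> dict:
    """Map (client endpoint, server endpoint) -> SYN count and handshake status."""
    syns = defaultdict(int)   # SYNs sent per client->server flow
    answered = set()          # flows for which a SYN-ACK came back
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue          # DNS answers and other non-TCP lines
        src, dst, flags = m.groups()
        if flags == "S":
            syns[(src, dst)] += 1
        elif flags == "S.":
            answered.add((dst, src))   # the reply travels in the reverse direction
    return {
        flow: {"syns": n,
               "status": "syn-ack received" if flow in answered else "unanswered"}
        for flow, n in syns.items()
    }

def blocked_sources(capture: str) -> list:
    """Client IPs whose SYNs were never answered (dropped by a filter or route)."""
    out = set()
    for (src, _dst), info in classify_handshakes(capture).items():
        if info["status"] == "unanswered":
            out.add(src.rsplit(".", 1)[0])   # strip the trailing .port
    return sorted(out)

if __name__ == "__main__":
    for flow, info in classify_handshakes(SAMPLE).items():
        print(flow, info)
    print("no reply for:", blocked_sources(SAMPLE))
```

tcpdump prints port 9997 as `palace-6` because that is its name in the services database; running it with `-n` shows the number instead.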