Blocking outgoing connections through TCP port 389
Posted: 31 Jul 2020, 18:27
Hello, good afternoon. I am opening this topic because I am having blocks from my cPanel server to my AD through TCP port 389. In the CSF firewall I already added the IP of the AD server to a whitelist and also allowed TCP and UDP port 389 for input and output, but even with those settings the connection blocks continue. I am sending the log that is generated:
Jul 31 11:40:01 cpanel kernel: Firewall: TCP_OUT Blocked IN= OUT=ens160 SRC=IP_CPANEL DST=IP_AD LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=38965 DF PROTO=TCP SPT=41578 DPT=389 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
In the log I replaced the IPs of the servers with the names of the services and marked them in bold.
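As an added example (not part of the original post): a small Python parser for the kernel log line quoted above. It extracts the chain label, direction, destination port, UID and whether the packet is the first SYN of a new connection, then counts blocked outbound attempts per destination. The function names are hypothetical; the sample line is the one from the post, with the poster's placeholders kept.

```python
import re
from collections import Counter

# Log line as quoted in the post (addresses already replaced by the poster).
SAMPLE = (
    "Jul 31 11:40:01 cpanel kernel: Firewall: TCP_OUT Blocked IN= OUT=ens160 "
    "SRC=IP_CPANEL DST=IP_AD LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=38965 DF "
    "PROTO=TCP SPT=41578 DPT=389 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0"
)

# Tolerates optional '*' around the label in case forum markup stripped it.
LINE_RE = re.compile(r"kernel: Firewall: \*?(?P<label>\S+) Blocked\*? (?P<rest>.*)$")

def parse(line):
    """Parse one netfilter LOG line; return None if it is not a Firewall line."""
    m = LINE_RE.search(line)
    if not m:
        return None
    fields, flags = {}, set()
    for tok in m.group("rest").split():
        key, sep, val = tok.partition("=")
        if sep:
            fields[key] = val      # KEY=value pairs such as DPT=389
        else:
            flags.add(tok)         # bare tokens such as SYN, ACK, DF
    return {
        "label": m.group("label"),
        # Empty IN= with a set OUT= means the packet was generated locally.
        "outbound": fields.get("IN") == "" and fields.get("OUT", "") != "",
        "dst": fields.get("DST"),
        "proto": fields.get("PROTO"),
        "dpt": int(fields["DPT"]) if "DPT" in fields else None,
        "uid": int(fields["UID"]) if "UID" in fields else None,
        # SYN without ACK is the first packet of a new connection.
        "new_conn": "SYN" in flags and "ACK" not in flags,
    }

def blocked_outbound(lines):
    """Count blocked outbound connection attempts per (dst, proto, dpt, uid)."""
    hits = Counter()
    for line in lines:
        rec = parse(line)
        if rec and rec["outbound"] and (rec["proto"] != "TCP" or rec["new_conn"]):
            hits[(rec["dst"], rec["proto"], rec["dpt"], rec["uid"])] += 1
    return hits

if __name__ == "__main__":
    for key, count in blocked_outbound([SAMPLE]).most_common():
        print(count, *key)
```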