The content you are looking for has been archived. View related content below.
#cat /etc/sysconfig/iptables -A OUTPUT -o em1 -p tcp -m multiport --sports 50030 -m comment --comment "2 ESA ActiveMQ OUT" -m state --state ESTABLISHED -j ACCEPTRunning ifconfig shows the interface actually being used.
Verify that the connection from the RSA Security Analytics server to the RSA Event Stream Analysis connection is not successful on port 50030 when the iptable service is running. SSH to RSA Security Analytics Server and run the following:
# curl -v <RSA Event Stream Analysis IP>:50030
To resolve the issue,
firewall {'1 ESA ActiveMQ IN': chain => 'INPUT', iniface => $management_interface, proto => 'tcp', source => $sa_server, dport => 50030, state => ['NEW','ESTABLISHED'], action => 'accept' } firewall {'2 ESA ActiveMQ OUT': chain => 'OUTPUT', outiface => $management_interface, proto => 'tcp', sport => 50030, state => 'ESTABLISHED', action => 'accept' }
firewall {'1 ESA ActiveMQ IN': chain => 'INPUT', iniface => em2, proto => 'tcp', source => $sa_server, dport => 50030, state => ['NEW','ESTABLISHED'], action => 'accept' } firewall {'2 ESA ActiveMQ OUT': chain => 'OUTPUT', outiface => em2, proto => 'tcp', sport => 50030, state => 'ESTABLISHED', action => 'accept' }