Port validation

Dan Belostotsk1
Mega Expert

Hi,
Configuring SNow to LDAPs integration.

As we don't have access to application server VM and can't do telnet to determine if 636 is open, is there any other
way to determine if the configuration on the other side is valid and complete?

Thank you.

Dan.

1 ACCEPTED SOLUTION

Ok, got it. Actually, there is a range of IP addresses references from HI portal(My IP information section) for VPN / NO VPN integrations. And in my case, it didn't
match nslookup resolved IP. Thank g*d for FW logs..



Thanks for the assist.


View solution in original post

7 REPLIES 7

Ok, So here is the situation.
They expose VIP address wich leads to their LDAPs server.
Firewall configured to allow inbound from my_instance and my_home address.



When i try to access this VIP using LDAP client(LdapAdmin.exe) i get the correct response(complaining regarding the certificate which i haven't provided).
Firewall logs show my access attemps.



When i configure the same setting from my_instance, configure certificate, provide the ip address listed in HI_Poral and nslookup to net team, i get the errors
listed above and no attempts recorded in firewall.




So two possibilities come to mind:
1: My configuration is incorrect.


2: The ip address i provide the net team is incorrect.



Which one is it?


Please assist.



Thank you.


Okay. So your network team only allowed packets from your ServiceNow instance. In this case, Yes! we cannot telnet and check from other machines.



I don't think your IP address would be a problem. Because in our firewall we have configured some Nslook'ed up IP address of our ServiceNow instance to communicate only with MID server port 443. Its working fine but you need to ask ServiceNow to intimate you if there is a change in the IP address.



Yes! I believe you need to check your configuration. Also, Below doc would be helpful for uploading certificate. Double check if you followed this



Uploading a Certificate - ServiceNow Wiki



Regards,


Vivek


Ok, got it. Actually, there is a range of IP addresses references from HI portal(My IP information section) for VPN / NO VPN integrations. And in my case, it didn't
match nslookup resolved IP. Thank g*d for FW logs..



Thanks for the assist.