Issue
How to determine connectivity to VMware Carbon Black Cloud is being blocked by a Firewall.
Note: VMware Carbon Black Cloud does not support SSL inspection.
Environment
VMware Carbon Black Cloud
Windows OS
Resolution
- Use the following Powershell command to verify connections to Console/API URL using port 443.
Test-NetConnection -ComputerName <Your Environment-specfic URL> -Port 443 -InformationLevel "Detailed"
An example of the output verifying the Firewall is not blocking the connection.
Example of output if the firewall is blocking connectivity. - Use the following Powershell command to verify connections to Content Management URL using port 443.
Test-NetConnection -ComputerName "content.carbonblack.io" -Port 443 -InformationLevel "Detailed"
An example of the output verifying the Firewall is not blocking the connection.
Example of output if the firewall is blocking connectivity. - Use the following Powershell command to verify connections to Third-party certificate validation URL using port 80.
Test-NetConnection -ComputerName "ocsp.godaddy.com" -Port 80 -InformationLevel "Detailed"
An example of the output verifying the Firewall is not blocking the connection.
Example of output if the firewall is blocking connectivity.
Test-NetConnection -ComputerName "crl.godaddy.com" -Port 80 -InformationLevel "Detailed"
An example of the output verifying the Firewall is not blocking the connection.
An Example of what the command would look like and is successfully being blocked by the Firewall.
Resources:
Windows Powershell tool Test-NetConnection - https://docs.microsoft.com/en-us/powershell/module/nettcpip/test-netconnection?view=windowsserver2022-ps
VMware Carbon Black Cloud Firewall settings - https://docs.vmware.com/en/VMware-Carbon-Black-Cloud/services/cbc-sensor-installation-guide/GUID-06D2CB73-968A-466E-BD69-B7480CBA800A.html