Can't connect to velociraptor ip:8000
AH-M-ED opened this issue · comments
Hello,
I installed velociraptor on security onion and everything works fine !
I can access to velociraptor via https://$yourhost/velociraptor
but the problem that when i try to added a client ,it can't connect to the manager:8000 to retrieve the certificate.
and by accessing to manager:8000 manually,it will not respond !
I added a firewall rule using sudo so-firewall includehost velociraptor <IP/CIDR> and still can't connect to port 8000
thanks.
Is the manager address resolvable by the client? Maybe you could try manually adding to the client machine's hosts file to ensure that is not the issue?
yes,the manager address is resolvable by the client! I can ping,i can access to security onion dashboard,i can access to https://$yourhost/velociraptor ,but I can't access to manager:8000 and so the velociraptor client will not connect .
https://pastebin.com/Nak7ZQd6
Are you able to perform a Test-NetConnection or netcat successfully to the port?
Can't netcat to port 8000.
Sounds like there is a firewall in-between, or the local firewall for SO isn't actually opening the port for the intended address.
You can try running iptables -nL | grep $address
(your client address) to see if the allowance exists in iptables.