Home
Alerts, reporting, troubleshooting
Portnox AgentP
In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ AgentP.
Firewall open ports
In this topic, you will learn how to configure your firewall to make sure that the Portnox™ AgentP can communicate with Portnox™ Cloud.

Alerts, reporting, troubleshooting
- Portnox Cloud alerts
  In this topic, you will learn what are alerts in Portnox™ Cloud, where to find them, and how to use them effectively.
- AAA Logs
  In this topic, you will learn what are AAA logs in Portnox™ Cloud, where to find them, and how to use them effectively.
- Reporting service
  In this topic, you will learn what is the Portnox™ Cloud reporting service and how to download and/or schedule different types of reports.
- Preventive and reactive measures
  In this collection of topics, you will learn what you can do to prevent service outages and how to react if such outages happen.
- Monitoring mode
  In this collection of topics, you will learn how to use the monitoring mode to safely onboard devices without risking the loss of network access.
- Portnox Cloud onboarding
  In this collection of topics, you will learn how to troubleshoot problems with onboarding devices to a network managed by Portnox™ Cloud.
- Portnox Cloud RADIUS
  In this collection of topics, you will learn how to troubleshoot problems with Portnox™ Cloud RADIUS server connectivity.
- Portnox Active Directory Broker
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ Active Directory Broker.
- Portnox AgentP
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ AgentP.
  - General troubleshooting
    In this topic, you will learn how to troubleshoot typical problems during the installation of Portnox™ AgentP.
  - Sending logs to support
    In this topic, you will learn where to find Portnox™ AgentP logs in your file system and how to prepare them and send them to support.
  - Firewall open ports
    In this topic, you will learn how to configure your firewall to make sure that the Portnox™ AgentP can communicate with Portnox™ Cloud.
  - Switching to unattended enrollment mode
    In this topic, you will learn how to switch an existing installation of Portnox AgentP for Windows to unattended enrollment mode by changing values in the Windows registry.
- Local RADIUS/TACACS+ instances
  In this collection of topics, you will learn how to troubleshoot problems with the operation of the local RADIUS/TACACS+ instances.
- Guest network (captive portal)
  In this collection of topics, you will learn how to troubleshoot problems with the Portnox Cloud guest network service and its captive portal.
- Integrations
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Cloud integrations such as those with authentication repositories, endpoint management solutions, and more.
- Conditional Access for Applications
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Conditional Access to Applications.

How to set up the firewall for AgentP to connect to Cloud

In this topic, you will learn how to configure your firewall to make sure that the Portnox™ AgentP can communicate with Portnox™ Cloud.

You need to open the following ports on your firewall:


FQDN	Protocol	Ports	Direction	Description
mobilecentraal.portnox.com	TCP	443, 8081	Outbound	Enrollment, settings sync, VPN token
radius.portnox.com	TCP	443	Outbound	Direct access
devices-ingress-clear-prod-eastus.servicebus.windows.net	TCP	80, 443, 5671, 5672	Outbound	Data sync
devices-ingress-clear-prod-westeu.servicebus.windows.net	TCP	80, 443, 5671, 5672	Outbound	Data sync
portnox-centraal-prod.servicebus.windows.net	TCP	80, 444, 5671, 5672	Outbound	SB for VPN strong factors
portnox-centraal-prod-eastus.servicebus.windows.net	TCP	80, 445, 5671, 5672	Outbound	SB for VPN strong factors
cloudcentraalstoreprodus.blob.core.windows.net	TCP	443	Outbound	Data sync
cloudcentraalstoreprod.blob.core.windows.net	TCP	443	Outbound	Data sync
pnxeusprdclrinstallers.blob.core.windows.net	TCP	443	Outbound	Data sync
pnxweuprdclrinstallers.blob.core.windows.net	TCP	443	Outbound	Data sync
pnxweuprdclrpublic.blob.core.windows.net	TCP	443	Outbound	Data sync
pnxeusprdclrpublic.blob.core.windows.net	TCP	443	Outbound	Data sync

Warning: Since Microsoft services can change their public IP addresses (as has happened in the past), we recommend avoiding the use of static IP addresses. Instead, use fully qualified domain names (FQDNs) as listed above.

If your firewall software does not support FQDNs or encounters issues, such as failing to recognize some IP addresses resolved from the FQDNs, you can use this official Azure script to retrieve the IP addresses associated with an Azure FQDN. You can then add all these IP addresses to the firewall instead of the FQDNs. However, be sure to regularly monitor connectivity and check for any updates, as Microsoft may add or remove IP addresses over time.