Hi Dean92,
According to How Probes Work section on https://www.paessler.com/manuals/prtg/remote_probes_and_multiple_probes,
The connection between probe and core is initiated by the probe, secured using Transport Layer Security (TLS). This means that the data sent back and forth between core and probe is not visible to someone capturing data packets.
I've leveraged this in situations like yours to connect a probe back to the core. I would recommend allowing only the whitelisted source IP of the probe(s) to connect to the NAT you open to expose the core.
According to https://kb.paessler.com/en/topic/69754-remote-probe-connection,
Probes use dynamic high ports to connect to their PRTG Core Server. Only on the core side it is fixed to port 23560, as the target TCP Port. A Probe does not need to use the same port for its outgoing connection, so it opens a dynamic high port.
Hope this answers your question!
Thanks,
Randolfini
Add comment