What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Externally available PRTG Website

Votes:

0

Hello,
Our construct is following:
We have a double-NAT with 2 firewalls in place, Checkpoint and Fortigate.
Checkpoint is our external firewall, while Fortigate is internal, NAT on both sides.
Everything is working fine, we can access PRTG via https externally and internally.
However: we are also using the PRTG app, which can access via HTTP or HTTPS only.
In our penetration testing, a valid point has been made, in that the PRTG website is accessible externally - which should be avoided, if possible.
So basically:
Is it possible to avoid the ability to connect to the PRTG website externally, yet still being able to use the App?
Thanks

https prtg website

Created on Apr 13, 2022 11:35:59 AM

Last change on Apr 14, 2022 5:57:22 AM by Felix Wiesneth [Paessler Support]



1 Reply

Votes:

0

Hey,

Is it possible to avoid the ability to connect to the PRTG website externally, yet still being able to use the App? Actually, this is not possible since the app uses the very same port TCP/443 to connect to PRTG. So, if the Port is open for the app, it's also open for the users who use a Browser to connect to PRTG's GUI.

Please check this page for details.

Best,
Sven Roggenhofer
Technical Support, Paessler AG

Created on Apr 15, 2022 9:15:04 AM by Sven Roggenhofer [Paessler Technical Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.