Forum Discussion

Copper Contributor

Nov 13, 2017

Registration Failure - Connectivity Issues

I've been able to get the sensor installed on a few DCs, but on others I just get the error "The Sensor failed to register due to connectivity issues." I don't see anything obviously different about...

Former Employee

Nov 13, 2017

Hi Eric, Check the sensor log directory under c:\program files\azure advanced threat protection sensor.

Eric Conkle
Copper Contributor
Nov 13, 2017
The failure is before that folder is created, so no logs. I was able to get a couple more to run by watching the network. They needed an outbound rule added to allow HTTPS to 13.90.138.89. Are there any other IPs we need, or a way to tell the sensor to use a proxy?
- Astrid McClean
  Former Employee
  Nov 13, 2017
  Hi Eric, There is information about how to connect via a proxy in "What you will need to on board Azure ATP – a list of prerequisites" entry. Under "For the Azure ATP Sensors to communicate with Azure ATP cloud service" there are specific details on connectivity through a proxy.
  
  Firewall/proxy open - For your Domain Controllers to communicate with the cloud service, you must have open: *.atp.azure.com port 443 in your firewall/proxy. The configuration needs to be at the machine level (=machine account) and not a user account. Note that you need to setup access to the DNS name not individual IP addresses as there are subject to change.
  - Eric Conkle
    Copper Contributor
    Nov 13, 2017
    Thanks. Our firewalls don't support rules by DNS name, so I'll have to figure out some way around that.
    
    A couple of these are core, so the URL probes won't work for testing connectivity. It doesn't appear that core supports authenticated proxies, so that's out too.
    
    Are there any plans for a forwarding server like the OMS Gateway?