Wazuh can't be accessed from a different VLAN


Enekupe Lelevaga

Oct 18, 2022, 8:12:12 PM
to Wazuh mailing list
Hi Team, I built a Wazuh Server on a different VLAN that I want to be able to access from a different VLAN.

Pablo Ariel Gonzalez

Oct 18, 2022, 11:18:13 PM
to Wazuh mailing list
Hi enetupevaga, I will be happy to discuss this query with you. 

To understand the problem a bit better, would it be possible for you to share with us additional data about your need?
I understand that you have Wazuh deployed (all-in-one or multi-node installation) in one VLAN and you can access the Wazuh web interface from the same VLAN without any problems. But you also want to access the Wazuh web interface from a different VLAN, is this correct?

Thanks,

Enekupe Lelevaga

Oct 19, 2022, 5:59:59 PM
to Pablo Ariel Gonzalez, Wazuh mailing list
Yes, that is correct


Pablo Ariel Gonzalez

Oct 21, 2022, 12:04:17 AM
to Wazuh mailing list
Hi Enekupe,

Correct. The solution you should apply here is at the network level, as this is where your limitation is. Conceptually, VLANs are separate networks (which may or may not be interconnected).
So you have your Wazuh installation on one network (e.g. 10.10.1.0/24) with one IP address (e.g. 10.10.1.18) and you want to connect from another network (e.g. 10.20.2.0/24). Then you need some mechanism in the network that tells the traffic how to get from the new network to your Wazuh installation.

When you only need to access an IP address on a single port, as in this case, what is generally used is to route the IP to the new network. In other words, the switch/router indicates the path from the new network to the Wazuh IP address on the other network. The configuration varies a bit and depends on the network equipment provider you are using, but the concept is the same.
This configuration is a simple task for a network administrator and should not take much time. However, if you have to do it yourself and have not had experience with this configuration, you can share with us the make and model of the network element you are using. We will try to guide you through the configuration process.

Thanks,

Kotory

Oct 21, 2022, 3:46:30 AM
to Wazuh mailing list

If you can't access anything in your second network (VLANs are basically logically separated networks), it is most likely caused by missing/false routing or firewall settings (closed ports etc.).
I would suggest you start troubleshooting with a simple tracert (Windows)/tracepath (Linux) command just to see if your packets are actually routed to your second VLAN.
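
As a complement to the tracert/tracepath check suggested above, the following added example (not code from any poster in this thread or from the Wazuh project) attempts one TCP connection from a host in the second VLAN and maps the outcome to the routing or firewall cause discussed in the replies. The IP address is the illustrative one from the thread, and port 443 for the web interface is an assumption; the names `classify` and `probe` are hypothetical.

```python
import errno
import socket

# Values below are the illustrative ones from the thread, not a real deployment.
WAZUH_IP = "10.10.1.18"
DASHBOARD_PORT = 443  # assumption: web interface on the default HTTPS port


def classify(exc):
    """Map the result of a TCP connect() to the likely network-level cause."""
    if exc is None:
        return ("open", "routing and firewall both allow the connection")
    if isinstance(exc, ConnectionRefusedError):
        return ("refused", "host is routable; port closed or firewall sends a reject")
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return ("timeout", "packets dropped: firewall rule or missing return route")
    if exc.errno in (errno.ENETUNREACH, errno.EHOSTUNREACH):
        return ("unreachable", "no route from this VLAN to the target network")
    return ("other", str(exc))


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


if __name__ == "__main__":
    status, hint = probe(WAZUH_IP, DASHBOARD_PORT)
    print(f"{WAZUH_IP}:{DASHBOARD_PORT} -> {status} ({hint})")
```

A "refused" result means the inter-VLAN route already works and the remaining problem is on the server or its host firewall, while "timeout" and "unreachable" point back to the switch/router configuration.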