Troubleshoot your connection to the Addy service
You must establish a connection to the Addy service through ExtraHop Cloud Services from the Admin UI of your ExtraHop Discover appliance. However, if the connection fails or you do not have a direct internet connection, you can connect to the internet through a proxy server specifically designated for ExtraHop Cloud services and Atlas connectivity. This guide explains how to troubleshoot common connectivity issues.
Before you begin
You must have a valid license to connect to the Addy service. See the License FAQ for additional information. Note that it can take up to 24 hours for a license update to be available for your ExtraHop appliance after your request for a valid license is enabled.
Note: | The procedures in this topic require access to the ExtraHop Admin UI on your Discover appliance and require that you modify the Running Config file. The Running Config file manages default system configurations and can be modified when needed. You must save the Running Config file if you want the modified settings to be preserved after a system restart. For more information, see the Running Config section of the Admin UI Guide. |
Configure your firewall rules
Before you can connect to the Addy service, you must allow access to the ExtraHop Cloud Services through any firewalls.
Connection to the Addy service requires that your environment is able to meet the following conditions:
- The ability to perform a DNS lookup of *.extrahop.com
- The ability to connect to ExtraHop Cloud Services through HTTPS (port 443)
nslookup hc.extrahop.com
Connect to the Addy service through a proxy
If the connection fails or you do not have a direct internet connection, try connecting to the Addy service through an explicit proxy.
- Log into the Admin UI of the Discover appliance.
- In the Network Settings section, click Connectivity.
- Click Enable ExtraHop Cloud Proxy.
- Type the hostname for your proxy server, such as proxyhost.
- Type the port for your proxy server, such as 8080.
- (Optional): If required, type a username and password for your proxy server.
- Click Save.
Bypass certificate validation
Some environments are configured so that encrypted traffic cannot leave the network without inspection by a third-party device. This device can act as an SSL/TLS endpoint, which decrypts and re-encrypts the traffic before sending the packets to ExtraHop Cloud Services.
If the ExtraHop appliance cannot connect to the proxy server because the certificate validation has failed, you can bypass certificate validation and connect to ExtraHop Cloud Services.
Thank you for your feedback. Can we contact you to ask follow up questions?