Possible causes of Firewall Issues in Bold BI
This article outlines the firewall-related issues that can occur in the environments where Bold BI® is installed, along with their common causes in each environment.
Windows Environment:
In a Windows environment, firewall settings may block certain resources, which restricts access to the Bold BI® application. Common causes are listed below:
- Blocked ports: Windows Firewall may have default settings that restrict access to the ports used by Bold BI®. Make sure those ports are open and reachable by the Bold BI® application (e.g., 80 for HTTP, 443 for HTTPS).
- Third-party security software: Additional security software may apply stricter restrictions than Windows Defender Firewall and block access to Bold BI® resources. Review its firewall settings as well.
- Firewall rules: Firewall rules must be configured so that they do not block Bold BI® resources. Review and adjust them so that they permit traffic to and from the Bold BI® application. Follow the steps below to add a firewall rule that whitelists the IP addresses:
  - Open Windows Defender Firewall on your machine.
  - Click Advanced settings in the left panel.
  - In the Windows Firewall with Advanced Security window, select Inbound Rules.
  - Click New Rule on the right side.
  - Select Custom and go to the Scope page.
  - Choose the These IP addresses option, add the IP address of the machine hosting Bold BI®, and click Next.
  - Select Allow the connection.
  - Enable the below three options.
  - Complete the wizard by giving the rule a name and clicking Finish.
Linux Environment:
- SELinux policies: On Linux distributions such as RHEL, SELinux may restrict Bold BI®'s access to certain resources. Ensure that SELinux policies are configured to allow Bold BI® operations. You can do this by using the command below, which switches SELinux to permissive mode (denials are logged but not enforced) until the next reboot:
sudo setenforce 0
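The audit log records which operations SELinux denied, whether it is enforcing or permissive. The following added example, which is not part of the original article, summarises AVC denials read on standard input and lists the TCP ports involved. The sample log lines, process names and ports are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise SELinux AVC denials from audit log lines.
# Sample lines are constructed; comm names and ports are assumptions.
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1700000000.101:501): avc:  denied  { name_connect } for  pid=2101 comm="nginx" dest=5000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=SYSCALL msg=audit(1700000000.101:501): arch=c000003e syscall=42 success=no exit=-13 comm="nginx"
type=AVC msg=audit(1700000007.330:509): avc:  denied  { name_connect } for  pid=2101 comm="nginx" dest=5000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000011.902:514): avc:  denied  { name_bind } for  pid=2240 comm="nginx" src=8085 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000015.447:520): avc:  denied  { read } for  pid=2300 comm="dotnet" name="appsettings.json" dev="dm-0" ino=4711 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
EOF
}

# Reads audit log text on stdin; prints "count comm perms tclass port mode".
avc_summary() {
  awk '
    /avc:/ && /denied/ {
      perm = ""; comm = "?"; cls = "?"; port = "-"; mode = "?"; inperm = 0
      for (i = 1; i <= NF; i++) {
        if ($i == "{") { inperm = 1; continue }
        if ($i == "}") { inperm = 0; continue }
        if (inperm) { perm = (perm == "" ? $i : perm "," $i); continue }
        n = index($i, "="); if (n == 0) continue
        k = substr($i, 1, n - 1); v = substr($i, n + 1); gsub(/"/, "", v)
        if (k == "comm") comm = v
        else if (k == "tclass") cls = v
        else if (k == "dest" || k == "src") port = v
        else if (k == "permissive") mode = (v == "0" ? "enforced" : "permissive")
      }
      seen[comm " " perm " " cls " " port " " mode]++
    }
    END { for (k in seen) print seen[k], k }
  ' | LC_ALL=C sort
}

# Ports named in denials that were actually enforced on TCP sockets.
blocked_ports() {
  avc_summary | awk '$4 == "tcp_socket" && $6 == "enforced" { print $5 }' |
    sort -un | paste -s -d " " -
}

sample_audit_log | avc_summary
```

On a live host, pipe the real log into the same functions, for example sudo cat /var/log/audit/audit.log | blocked_ports.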
Docker Environment:
When Bold BI® is hosted in a Docker container, firewall issues can arise from the following causes:
- Host Firewall Rules: The host machine’s firewall may block traffic to the Docker container. Verify that the host’s firewall allows traffic on the ports mapped to the container.
Kubernetes Environment:
In Kubernetes, firewall-related issues can arise from network policies and service configurations:
- Network Policies: Kubernetes allows the definition of network policies that can restrict traffic between pods. Ensure that the network policies permit traffic to and from the Bold BI® pods.
- Load Balancer: Ensure that the load balancer is configured properly to allow external access if needed.
- Ingress Controllers: Ingress rules need to be set up properly to route traffic to the Bold BI® application.
Azure:
In Azure, firewall issues can stem from both Azure’s built-in security features and network configurations:
- Network Security Groups (NSGs): NSGs control inbound and outbound access to Azure resources. Ensure that the NSG associated with the virtual machine or service hosting Bold BI® allows traffic on the required ports. Follow the steps below to add rules that allow the ports:
  - Go to the Azure portal and navigate to the virtual machine or virtual network you want to open the port for.
  - Click on the “Networking” section.
  - Click on “Add inbound port rule” to create a new rule for the port you want to open.
  - Choose the protocol (TCP or UDP) and specify the port number that you want to open.
  - Select the source IP address or range of IP addresses that you want to allow access to the port.
  - Choose the action you want to take on the traffic (allow or deny).
  - Click on “Add” to create the new inbound rule.
- Azure Firewall: If Azure Firewall is deployed, it may block access to Bold BI®. Review the firewall rules to ensure that they permit the necessary traffic.
- Public IP Configuration: Ensure that the Azure resource has a public IP address configured correctly to allow external access.
AWS:
When deploying Bold BI® on AWS, several firewall configurations can lead to connectivity problems.
- Security Group Configuration: Ensure that the security group associated with your Bold BI® instance allows inbound traffic on the required ports. Typically, Bold BI® requires access to ports such as 80 (HTTP) and 443 (HTTPS). If you are using additional services, such as databases or APIs, ensure that the corresponding ports are also open.
- Network Access Control Lists (NACLs): NACLs provide an additional layer of security at the subnet level. If NACLs are too restrictive, they can prevent access to your Bold BI® application. Ensure that both the inbound and the outbound rules are configured to allow traffic on the necessary ports.
- VPC Peering and Routing: If using VPC peering, verify that the route tables for both VPCs are correctly configured to allow traffic between them. Ensure that the peering connection is active and properly configured.
- EC2 instances: If you have configured a firewall on the EC2 instance itself (e.g., iptables), it may block incoming connections. Check the firewall settings on the EC2 instance to ensure that they allow traffic on the required ports. Adjust the firewall rules as necessary to permit access.
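On the instance firewall, rule order decides the outcome: the first matching rule wins. The added example below (not from the original article) reads iptables -S INPUT output and reports the verdict that a new inbound TCP connection to a given port receives. The rule set is constructed and the function name input_verdict is hypothetical.

```shell
#!/bin/sh
# Added example: first-match verdict for a new inbound TCP connection,
# computed from `iptables -S INPUT` output. The rule set is constructed.
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
EOF
}

# Usage: iptables -S INPUT | input_verdict PORT
# Narrowed model: understands -p, -m, --dport N, --ctstate and -j only.
# Rules using any other match (-i, -s, port ranges, ...) are skipped,
# so review those by hand.
input_verdict() {
  awk -v port="$1" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      applies = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") { if ($(i+1) != "tcp") applies = 0; i++ }
        else if ($i == "-m") { i++ }
        else if ($i == "--dport") { if ($(i+1) != port) applies = 0; i++ }
        else if ($i == "--ctstate") { if ($(i+1) !~ /(^|,)NEW(,|$)/) applies = 0; i++ }
        else if ($i == "-j") { target = $(i+1); break }
        else { applies = 0 }
      }
      if (applies && target ~ /^(ACCEPT|DROP|REJECT)$/) {
        print target " (line " NR ")"; found = 1; exit
      }
    }
    END { if (!found) print policy " (chain policy)" }
  '
}

sample_rules | input_verdict 80    # the ACCEPT on line 7 is never reached
```

In the constructed rule set, port 80 is rejected even though an ACCEPT rule for it exists, because that rule was appended after the catch-all REJECT.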
GCP:
- Firewall Rules:
  - Create or update the firewall rules in the GCP Console to allow traffic on essential ports (e.g., 80 and 443). Ensure that the firewall rules are applied to the correct network and are not overridden by other rules.
  - Check the firewall settings on the VM instances to ensure that they allow traffic on the required ports. Modify the firewall rules as necessary to permit access to the ports.
- VPC Network Configuration: In GCP, the configuration of the Virtual Private Cloud (VPC) network can impact connectivity. Misconfigured subnets or routes can lead to issues. Check the subnet settings to ensure that they are correctly configured for your Bold BI deployment. Check the routing tables to ensure that they allow traffic to and from the Bold BI instance.