Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles

DNS Encryption Point Counterpoint Image.jpg

#2842: Grid members cannot forward reports to indexing server



Grid members cannot forward reports to the reporting server which indexes them.

In technical terms, "forwarder is not able to send reports to the indexer".




Grid members and reporting server are in different networks with a firewall between them.




All NIOS 5.x and 6.x versions.




When Grid members are behind a firewall, reports may not get through to the reporting server (indexer) if the firewall rules are not configured to allow the required ports.

By default, grid members use TCP port 9997 to forward reports to the indexer. The communication between the forwarder and the indexer uses SSL and is compressed, which is not changeable. If the forwarder has multiple interfaces, system administrators have no control over which interface sends the reports. By default, the indexer listens on all its interfaces.




To ensure that the indexer can receive reports, verify that the configured TCP port is open for communication between the forwarder and the indexer and that the forwarder's interfaces and the indexer's interfaces can communicate over the configured TCP port. By default, the configured TCP report is port 9997.

Showing results for 
Search instead for 
Did you mean: