Home
Alerts, reporting, troubleshooting
Portnox Active Directory Broker
In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ Active Directory Broker.
Cloud connectivity
In this topic, you will learn how to check if the Portnox™ Active Directory Broker connects to the Portnox™ Cloud service.

Alerts, reporting, troubleshooting
- Portnox Cloud alerts
  In this topic, you will learn what are alerts in Portnox™ Cloud, where to find them, and how to use them effectively.
- AAA Logs
  In this topic, you will learn what are AAA logs in Portnox™ Cloud, where to find them, and how to use them effectively.
- Reporting service
  In this topic, you will learn what is the Portnox™ Cloud reporting service and how to download and/or schedule different types of reports.
- Monitoring mode
  In this collection of topics, you will learn how to use the monitoring mode to safely onboard devices without risking the loss of network access.
- Portnox Cloud onboarding
  In this collection of topics, you will learn how to troubleshoot problems with onboarding devices to a network managed by Portnox™ Cloud.
- Portnox Active Directory Broker
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ Active Directory Broker.
  - General troubleshooting
    In this topic, you will learn how to troubleshoot typical problems with the operation of the Portnox™ Active Directory Broker.
  - Logs and events
    In this topic, you will learn where Portnox™ Active Directory Broker logs are located in your file system and where you can find events related to the broker.
  - Service location
    In this topic, you will find where to find the Portnox™ Active Directory Broker service in the Windows Services console.
  - Installation errors
    In this topic, you will learn how to troubleshoot typical errors that happen during the installation of the Portnox™ Active Directory Broker.
  - Cloud connectivity
    In this topic, you will learn how to check if the Portnox™ Active Directory Broker connects to the Portnox™ Cloud service.
  - LDAP connectivity
    In this topic, you will learn how to check if the Portnox™ Active Directory Broker connects correctly to your on-premises LDAP server.
  - Credential change
    In this topic, you will learn how to update the Portnox™ Active Directory Broker configuration after you changed the access credentials.
- Portnox AgentP
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ AgentP.
- Local RADIUS/TACACS+ instances
  In this collection of topics, you will learn how to troubleshoot problems with the operation of the local RADIUS/TACACS+ instances.
- Integrations
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Cloud integrations such as those with authentication repositories, endpoint management solutions, and more.
- Conditional Access for Applications
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Conditional Access to Applications.

How to check if the AD Broker connects to the cloud

In this topic, you will learn how to check if the Portnox™ Active Directory Broker connects to the Portnox™ Cloud service.

The Portnox Active Directory Broker connects to the cloud on the following ports:

Outgoing: portnox-centraal-prod.servicebus.windows.net:443
Outgoing: mobilecentraal.portnox.com:8081

You need to allow these connections on the firewall and these names/ports must be reachable from the Active Directory Broker machine.

Note: There are no static IP addresses for these services, only DNS names.

To check if the cloud is reachable, use the following methods:

Use the following PowerShell commands:
- Test-NetConnection -Port 443 -ComputerName portnox-centraal-prod.servicebus.windows.net -InformationLevel Detailed
- Test-NetConnection -Port 8081 -ComputerName mobilecentraal.portnox.com -InformationLevel Detailed
Try to open the following URLs in your browser and see if you receive a server response:
- https://portnox-centraal-prod.servicebus.windows.net:443
- https://mobilecentraal.portnox.com:8081 (a 503 response code means that there is connectivity)

If the servers are not reachable, you need to check DNS, firewall, and proxy settings.

The following ports must be open on the firewall for the broker to be able to communicate with the cloud:


Protocol	Ports	URL	Direction	IP
TCP	8081	mobilecentraal.portnox.com	Outbound	13.92.155.150, 104.40.220.180
TCP	9350, 9351, 9352, 9354, 80, 443, 5671, 5672	*.servicebus.windows.net	Outbound	ANY
TCP	5671, 5672, 80, 443	devices-ingress-clear-prod-eastus.servicebus.windows.net	Outbound	52.168.147.11
TCP	5671, 5672, 80, 443	devices-ingress-clear-prod-westeu.servicebus.windows.net	Outbound	23.100.14.185
TCP	443	cloudcentraalstoreprodus.blob.core.windows.net	Outbound	52.226.8.148
TCP	443	cloudcentraalstoreprod.blob.core.windows.net	Outbound	52.239.140.10