Troubleshooting
Problem
QRadar® in non-NAT'ed environments uses the IP addresses of the Console, and the other managed hosts to establish connections. When a host is reachable through a different IP, this requires a Network Address Translation (NAT) configuration.
When NAT is configured, the connections between the appliances must know:
- Which IP address to use and connect to.
- Which IP address to allow into the local firewall rules.
Resolving The Problem
The following article series explains how NAT is implemented in QRadar®, how to configure NAT Groups to suit the administrator needs, and troubleshooting known issues related to the implementation.
Q&A Series:
- Network Address Translation (NAT) in QRadar deployments
- Understanding NAT Groups and implementation scenarios
How-to(s):
- How to add a managed host reachable through a different IP
- Configure the Console to be reachable through a different IP
- How to add a managed host to an existing NAT Group for private IP communication
Known issues:
Document Location
Worldwide
[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtNAAQ","label":"Deployment"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
07 May 2021
UID
ibm16441289