In a multi-tenant deployment, you install
the engine on a host machine. By default, engines installed in a
multi-tenant deployment do not use port 443 and use a different
encryption handshake for each tenant. A port is created for each
tenant, starting at 18501, and increases for each new tenant.
In
many cases the Cortex XSOAR server will have a firewall because
engine is probably installed in different networks. The firewall
might stop any communication between the host and the Cortex XSOAR
server. It is recommended that you do the following:
Make
sure that the host machine is actually able to communicate with
the tenant on the port listed in the tenant. You can use Telnet
or any similar tool to check if the Engine can get access before
you install the Engine. In some cases, if there is a firewall you
will need to unblock and set an ANY ANY rule or allow access from
the host machine that hosts the Engine so that it can communicate
back on the port for 18501 (as seen above in the base URL).
You might need to drop any iptable rules on the Cortex XSOAR
server and make sure that the ports 18501 and higher for each tenant.
To do this, look at the iptables command and drop the appropriate
iptable rules.
Configure the base URL.
Go to
About
Troubleshooting
Server Configurations (section)
.
In the
Base URL (for D2 Agents and Engines)
key
enter the URL with the port.
1.1.1.1:18501
Download and install the engine.
Go to
Settings
Integrations
Engines
.
Click
Create New Engine
.
Select and download the appropriate installer file.
Install the engine on the appropriate host machine.
