Egress FQDN Discovery

Discover what Internet sites your apps visit before you configure the Egress FQDN Filter.

If you already know the sites you apps visit or the FQDN names you need to apply, skip the Discovery step.

Go to Security > Egress Control > Egress FQDN Discovery. Select a gateway from the dropdown menu and click Start. After the monitoring will starts, click Show at any time to see the captured destination sites.

Click Stop to stop the Discovery process.

Start

When you click Start, the Controller will automatically enable SNAT function on the gateway. The Controller looks for all private subnets in the VPC/VNet and replaces any 0.0.0.0/0 > NAT Gateway to instead point to the Aviatrix Gateway.

During the Discovery step, the Exception Rule must be enabled (the checkbox should be marked, which is the default setting).

Stop

When you click Stop, the VPC/VNet private route table entry for the default route (0.0.0.0/0) will be restored to its previous setting.

Show

While the Discovery is in progress, click Show at any time to see the captured destination sites.

Download

Click Download during or after the Discovery and the destination list will be downloaded. You can later import the list to configure the FQDN Filter.

Note that if a gateway is already attached to a FQDN tag, you cannot run the Discovery process, but you can view FQDN results immediately by going to Step 4, Egress FQDN View Log.

discovered_sites