Port configuration
A description of port types and their characteristics.
Primary management port
The primary management port:
- Is the primary interface for administrative access
- Must be the only one in the system
- Requires the default gateway
- Is intended for management purposes, with default restrictions in line with standard security policies
- Exposes:
- Web user interface (UI) on port 443
- secure shell (SSH) access on port 22
- Can be used to connect to these sensors:
- Arc
- Guardian
- Remote Collector
Management port(s)
A management port:
- Is a secondary interface for administrative access
- Permits multiple ports
- Requires no gateway
- Is intended for management purposes, with default restrictions in line with standard security policies
- Exposes:
- Can be used to connect to these sensors:
- Arc
- Guardian
- Remote Collector
Active port(s)
An active port:
- Has an assigned internet protocol (IP) address, used for operational data exchange
- Can be used:
- To poll assets through Smart Polling
- To communicate with the sensor through Arc endpoints
- For communication for downstream sensors
- As an ERSPAN target
- Cannot be used:
- Exposes:
- Port 443 and 6000 only for synchronization with downstream sensors
- Port 6000 is enabled only when
n2os-enable-rcis issued
Passive port(s)
A passive port:
- Is a port without an assigned IP
- Is intended to receive mirrored traffic, for example, SPAN
Supported formats
| IP/CIDR format | 192.0.2.10/24 |
| Gateway format | 192.0.2.1 |
| IP/CIDR format | 2001:db8::10/64 |
| Gateway format | 2001:db8::1 |
| Compressed notation supported | ::1/128, fe80::1/64 |
Important notes for the ports configuration
Note:
Reboot required: Most modifications require a system
reboot to be applied.
Note:
Version compatibility: Validation: IP addresses and gateways must be of the same version
(Internet Protocol version 4 or Internet Protocol version 6).
Note:
Privileges: Most modification commands require
administrative privileges.
Note:
Network interruption: Changes may temporarily
interrupt network connectivity.
Note:
Confirmation required: The system will ask for
confirmation before applying critical changes.
Common error messages
| Error message | Resolution |
|---|---|
| IP is required | Specify an IP address with
--ip. |
| Default gateway IP is required | Specify a default gateway with --default-gateway. |
| Unknown port | The specified port name does not exist. |
| The IP is not in the required format | Use a valid IPv4 address or
classless inter-domain routing (CIDR) notation (for example,
192.0.2.10 or 192.0.2.0/24). |
| Gateway not in subnet | The gateway must belong to the same subnet as the interface IP address. |
| No management port found | No management interface is currently configured. |
| Port is not active | You attempted to deactivate a port that is already passive. |
Exit codes for the n2os-netconf commands
0: Success.
1: Error occurred (for example, invalid parameters, validation failed, or similar).