Configure ports
Assign roles to a sensor’s network ports to create the desired configuration. The command applies only to the sensor where you run it and does not affect other sensors.
Show all current port configurations
| Product | Guardian |
| Syntax | n2os-netconf ports --show [--compact]
|
| Description | Shows the ports name and current configuration. |
| Parameters | --compact, Shows a compact version of the display without the
More Info column. |
| Where | The text-console (access directly or through secure shell (SSH)) |
| To apply | Enter the command and press enter. |
Identify the primary management port
| Product | Guardian |
| Syntax | n2os-netconf ports --get --mgmt-primary |
| Description | Shows the name of the port that is currently defined as the primary management port. |
| Parameters | None |
| Where | The text-console (access directly or through SSH) |
| To apply | Enter the command and press enter. |
Identify the IP address of the primary management port
| Product | Guardian |
| Syntax | n2os-netconf ports --get --mgmt-primary-ip |
| Description | Shows the internet protocol (IP) addresses of the primary management port. |
| Parameters | None |
| Where | The text-console (access directly or through SSH) |
| To apply | Enter the command and press enter. |
Identify the management port
| Product | Guardian |
| Syntax | n2os-netconf ports --get --mgmt |
| Description | Shows the names of the ports that are currently defined as management ports. |
| Parameters | None |
| Where | The text-console (access directly or through SSH) |
| To apply | Enter the command and press enter. |
Identify the IP address of the management port
Set a port as the management port
| Product | Guardian |
| Syntax | n2os-netconf ports --change-mgmt PORT
[--reboot-later]Important: The
port designated as the new management port must reside within the default gateway
network. |
| Description | Transfers management configuration from one port to another, preserving IP address, gateway, and other settings. The port previously configured as management port will become a passive port. |
| Parameters | PORT, For example: port1 |
--reboot-later Prevents automatic system reboot. User must
manually reboot to apply changes. |
|
| Where | The text-console (access directly or through SSH). User must have root privileges. All SSH connections use the current management port and will be lost after the change. Do not run this command unless a serial connection, or a connection into the sensor through the new management port is available. |
| To apply | Enter the command and press enter. The sensor will reboot upon completion of the command to correctly apply this setting. |
Set a port as a primary management port
| Product | Guardian |
| Syntax | n2os-netconf ports --set PORT --mgmt-primary --ip IP/CIDR
--default-gateway IP [--reboot-later] [--wpa] |
| Description | Sets the selected port to be the primary management port, assigning it an IP address and a subnet mask, and sets the default gateway to the specified IP address |
| Parameters | PORT, For example: port1 |
IP/CIDR, For example: 192.167.1.15/24 or
2001:db8::10/64
|
|
IP, For example: 192.167.1.1 or 2001:db8::1
|
|
--reboot-later Prevents automatic system reboot. User must
manually reboot to apply changes. |
|
--wpa Enables WPA authentication. |
|
| Where | The text-console (access directly or through SSH). User must have root privileges. |
| To apply | Enter the command and press enter. |
Set a port as a secondary management port
| Product | Guardian |
| Syntax | n2os-netconf ports --set PORT --mgmt --ip IP/CIDR [--reboot-later]
[--wpa] |
| Description | Sets the selected port as a secondary management port assigning it an IP address and a subnet mask. |
| Parameters | PORT, For example: port1 |
IP/CIDR, For example: 192.167.1.15/24 or
2001:db8::10/64
|
|
--reboot-later Prevents automatic system reboot. User must
manually reboot to apply changes. |
|
--wpa Enables WPA authentication. |
|
| Where | The text-console (access directly or through SSH). User must have root privileges. |
| To apply | Enter the command and press enter. |
Set a port as an active port
| Product | Guardian |
| Syntax | n2os-netconf ports --set PORT --active --ip IP/CIDR [--reboot-later]
[--wpa] |
| Description | Sets the selected port as an active port assigning it an IP address and a subnet mask. |
| Parameters | PORT, For example: port1 |
IP/CIDR, For example: 192.167.1.15/24 or
2001:db8::10/64
|
|
--reboot-later Prevents automatic system reboot. User must
manually reboot to apply changes. |
|
--wpa Enables WPA authentication. |
|
| Where | The text-console (access directly or through SSH). User must have root privileges. |
| To apply | Enter the command and press enter. |
Set a port as a passive port
| Product | Guardian |
| Syntax | n2os-netconf ports --set PORT --passive
[--reboot-later] |
| Description | Sets the selected port as a passive port removing any IP addresses and subnet mask from it. |
| Parameters | PORT, For example: port1 |
--reboot-later Prevents automatic system reboot. User must
manually reboot to apply changes. |
|
| Where | The text-console (access directly or through SSH). User must have root privileges. |
| To apply | Enter the command and press enter. |