https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/Recent content in Working with Networking onHugoenhttps://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_network_settings/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_network_settings/<p>When this option is selected, network configuration details added during installation are displayed. The network connection for the appliance are displayed. You can modify the network configuration as per the requirements.</p> <p><img src="https://docs.protegrity.com/10.2/docs/images/aog_networking_configuration_edit_screen.png" alt="Networking Configuration Edit Screen" title="Networking Configuration Edit Screen"></p> <h2 id="changing-hostname">Changing Hostname</h2> <p>The hostname of the appliance can be changed.</p> <blockquote> <p>In the hostname field, if special characters are to be used, then only <em>hyphen</em> (-) is supported.</p></blockquote> <p>To change the hostname:</p>https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_troubleshoot_network/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_troubleshoot_network/<p>Using the <strong>Network Troubleshooting Tools</strong>, you can check the health of your network and troubleshoot problems. This tool is composed of several utilities that allow you to test the integrity of you network. The following table describes the utilities that make up the Network Utilities tool.</p> <div> <h4>Table 1. Network Utilities</h4> <table border="1" width="100%"> <thead> <tr> <td> <div>Name</div> </td> <td> <div>Using this tool you can...</div> </td> <td> <div>How…</div> </td> </tr> </thead> <tbody valign="top"> <tr> <td> <div>Ping</div> </td> <td> <div>Tests whether a specific Host is accessible across the network. </div> </td> <td> <div>In the <b>Address</b> field, type the IP address that you want to test. </div> <div>Press <b>ENTER</b>. </div> </td> </tr> <tr> <td> <div>TCPing</div> </td> <td> <div>Tests whether a specific TCP port on a Host is accessible across the network. </div> </td> <td> <div>In the <b>Address</b> field, type the IP address. </div> <div>In the <b>Port</b> field, type the port number. </div> <div>Select <b>OK</b>. </div> </td> </tr> <tr> <td> <div>TraceRoute</div> </td> <td> <div>Tests the path of a packet from one machine to another. Returns timing information and the path of the packet. </div> </td> <td> <div>At the prompt, type the IP address or Host name of the destination machine. </div> <div>Select <b>OK</b>. </div> </td> </tr> <tr> <td> <div>MTR</div> </td> <td> <div>Tests the path of a packet and returns the list of routers traversed and some statistics about each. </div> </td> <td> <div>At the prompt, type the IP address or Host name. </div> <div>Select <b>OK</b>. </div> </td> </tr> <tr> <td> <div>TCPDump</div> </td> <td> <div>Tests network traffic, and examines all packets going through the machine. </div> </td> <td> <div>To filter information, by network interface, protocol, Host, or port, type the criteria in the corresponding text boxes. </div> <div>Select <b>OK</b>. </div> </td> </tr> <tr> <td> <div>SysLog </div> </td> <td> <div>Sends syslog messages. Can be used to test syslog connectivity. </div> </td> <td> <div>In the <b>Address</b> field, enter the IP address of the remote machine the syslogs will be sent to. </div> <div>In the <b>Port</b> field, enter a port number the remote machine is listening to. </div> <div>In the <b>Message</b> field, enter a test message. Select <b>OK</b>. </div> <div>On the remote machine, check if the syslog was successfully sent. </div> <div>Note that the appliance uses UDP syslog, so there is no way to validate whether the syslog server is accessible. </div> </td> </tr> <tr> <td> <div>Show MAC</div> </td> <td> <div>Finds out the MAC address for a given IP address. Detects IP collision. </div> </td> <td> <div>At the prompt, type the IP address or Host name. </div> <div>Select <b>OK</b>. </div> </td> </tr> </tbody> </table> </div>https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_manage_firewall_settings/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_manage_firewall_settings/<p>Protegrity internal firewall provides a way to allow or restrict inbound access from the outside to Protegrity Appliances. Using the Network Firewall tool you can manage your Firewall settings. For example, you can allow access to the management-network interface only from a specific machine while denying access to all other machines.</p> <p>To improve security in the ESA, the firewall in v9.2.0.0 is upgraded to use the <em>nftables</em> framework instead of the <em>iptables</em> framework. The nftables framework helps remedy issues, including those relating to scalability and performance.</p>https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_management_interface_settings/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_management_interface_settings/<p>Using the Management Interface Settings option, you can specify the network interface that will be used for management (ethMNG). By default, the first network interface is used for management (ethMNG). The first management Ethernet is the one that is on-board.</p> <p><img src="https://docs.protegrity.com/10.2/docs/images/aog_management_interface_settings_screen.png" alt="Management Interface Settings screen" title="Management Interface Settings screen"></p> <p>If you change the network interface, then you are asked to reboot the ESA for the changes to take effect.</p> <blockquote> <p>Note: The MAC address is stored in the appliance configuration. If the machine boots or reboots and this MAC address cannot be found, then the default, which is the first network card, will be applied.</p>https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_ports_allowlist/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/10.2/docs/aog/command_line_interface_cli_manager/working_with_networking/aog_ports_allowlist/<p>On the <strong>Proxy Authentication</strong> screen of the Web UI, you can add multiple AD servers for retrieving users. The AD servers are added as URLs that contain the IP address/domain name and the listening port number. You can restrict the ports on which the LDAP listens to by maintaining a port allowlist. This ensures that only those ports that are trusted in the organization are mentioned in the URLs.</p> <p>On the CLI Manager, navigate to <strong>Networking</strong> &gt; <strong>Ports Allowlist</strong> to set a list of trusted ports. By default, port <em>389</em> is added to the allowlist.</p>