Extreme Networks

When the software was restarted, did it establish a connection on 9111? Also if you again for this connection a minute later do you see the local high port changing? This would indicate a constant reconnection taking place. root@snowman:/opt/dragon/bin# netstat -antuv | grep 9111 tcp 0 0 10.58.24.77:50848 10.58.24.88:9111 ESTABLISHED In the above example, 50848, is the local high port. Can you deploy to this sensor at this time? Thanks Jeff

Shutdown removed the lock. No problem there. The HIDS sensor is RHEL5.9 32 bit. FWIW, all sensors connect sensor-to-server.

Hi Could we shutdown the software on the HIDS? (dragon-shutdown.sh) then check to make sure the .net-cfg-client.lock is removed from the ~/dragon/bin directory. If not, please remove it manually and then restart. The 9111 channel is responsible the configuration pushes so perhaps there is a disconnect between the software and the operating system. What version of Linux is the Host? 64 or 32 bit? Thanks

I have established connections on 9111 and 9112. I get heartbeats and system health info. In the EMS client, it shows the sensor needs to be deployed, which fails. But, it's listed as working (green checkmark). I've checked to make sure the shared secret is listed as correct too. It all looks connected, but isn't listed as up.