Staff

Technical Tip: Persistent Agent communication stops after reboot of appliances

Forum|Forum|7 years ago
September 28, 2018
0 replies
923 views

Description

This article describes how to resolve or workaround an issue with Agent communication which stops working after appliances have been rebooted. This includes scanning and messaging.

Scope

FortiNAC, Persistent Agent Version: All.

Solution

On the Application Server, perform a tcpdump with the end station IP address or on port 4567 to view agent traffic. The following example shows the end station (10.8.79.92) sending traffic using port 4567 to the Application Server (151.119.40.72), but the application server is not responding.

tcpdump -nni any host 10.8.79.92
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
20:58:53.339579 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:2135366627<840535053:2207699500>
20:58:58.347246 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:2135366627<840535053:2207699500>
20:59:03.348402 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:2135366627<840535053:2207699500>
20:59:08.488244 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:3455881649<2665158913:3669555794>
20:59:13.489289 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:3455881649<2665158913:3669555794>
20:59:18.490465 IP 10.8.79.92.4567 > 151.119.40.72.4567: * wb-dop: 0.0.1.224:3455881649<2665158913:3669555794>

Solution: Reboot appliances in the proper sequence to prevent this behavior. See this article.
Workaround: Restart processes on the Control Server. See this article.

FortiNAC

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded