Adding And Deleting Network Sensors

Note

Many common issues can be resolved by rebooting the appliance, which reloads your configurations, and purges outdated settings. After verifying configurations, rebooting is a good next step in troubleshooting.

As your network changes, you may add or delete sensors.

If you add additional remote locations you can add Network Sensor Appliances to the sites.
To monitor additional broadcast domains with an existing sensor, you may use multiple wired interfaces on that appliance if supported.
For an Appliance with a single wired interface, you can monitor multiple VLANS over a 802.1Q trunk port by configuring sub interfaces.

Add Network Sensor Hardware

If you have added a new remote location, here are the steps to adding an additional Network Sensor hardware to your Policy Server.

Go to Installing Genian NAC. (During the Installation, you will be prompted to link the Sensor with a Policy server IP or FQDN)
After Installation, you should see Network Sensor in the UI Management pane under System > System > Sensor.

Delete Network Sensor Hardware

Note

If you delete the network sensor, the connected VLAN and all node information are deleted together.

Disconnect Network Sensor hardware from the network and power down.
Access Policy Server Webconsole to delete Network Sensor.
Go to System in the top panel.
Go to System > System in the System Management panel.
Find and click on the Checkbox of desired Network Sensor.
Go to Tasks > Delete System.
Click OK to confirm.

Add Interfaces on an Existing Sensor

This option allows you to monitor separate LANs or VLANs on a single sensor appliance without the use of a trunk port. One wired interface is required for each network.

Network Sensors cannot be added through Webconsole, Administrator must be configured through CLI by adding sub-interfaces to the existing eth0 or eth1 interface.

Connect through SSH client to Network Sensor. See: Administration Console .
Enter the following commands below for each Network Sensor to be added:

For this example, interface eth0 is already configured. The interface eth1 will be configured to monitor a separate LAN:

genian> enable
genian# configure terminal
genian(config)# interface eth1 address X.X.X.X X.X.X.X
genian(config)# interface eth1 gateway X.X.X.X
genian(config)# exit

Or setup the interface as a DHCP client:

genian> enable
genian# configure terminal
genian(config)# interface eth1 dhcp enable
genian(config)# exit

Delete A Specific Network Sensor Interface

Note

This deletes a single Network Sensor and all Nodes and Node information

Connect through SSH client to Network Sensor: Administration Console
Enter the following commands below for each Network Sensor interface to be removed:

genian> enable
genian# configure terminal
genian(config)# no interface eth1 address X.X.X.X X.X.X.X
genian(config)# no interface eth1 gateway X.X.X.X
genian(config)# exit

If the interface is configured as a dhcp client , use the following method:

genian> enable
genian# configure terminal
genian(config)# no interface eth1 dhcp enable
genian(config)# exit

Go to System in the top panel
Go to System > Sensor in the System Management panel.
Find and click on the IP Address of desired Network Sensor.
Find and click Delete in General tab.
Click OK to confirm.

Add VLANs (Sub-Interfaces) to an Existing Interface

This option is used when the Network Sensor is installed in trunk port mode. By configuring sub interfaces off of the main physical interface,up to 128 VLANs(Recommended 64 VLANs)configured on that trunk port may be monitored through a single physical interface. When added, a sub interface will show up in the Genians Web Console as a separate sensor/node. This is because for every VLAN that is monitored, an IP address will be assigned to the sensor within that VLAN.

Note

Up to 128 VLANs can be added to Genian NAC, and more than 128 VLANS cannot be set. Genians recommends to set 64 VLANs.

Ensure the Genians Network Sensor is connected to a properly configured .1q trunk port. See "VLANs" in Preparing Network
Connect through SSH client to Network Sensor. See: Administration Console.
Enter ALL VLANs you wish to monitor using commas to separate values and hyphens to denote ranges. Note that each Vlan ID will determine the suffix after eth0. in the sub interface name.

genian> enable
genian# configure terminal
genian(config)# interface eth0 vlan 10,20,30-50

Enter the following commands below for each Network Sensor to be added:

genian> enable
genian# configure terminal
genian(config)# interface eth0.30 address X.X.X.X X.X.X.X
genian(config)# interface eth0.30 gateway X.X.X.X
genian(config)# exit

Or configure the interface as a DHCP client.

genian> enable
genian# configure terminal
genian(config)# interface eth0.30 dhcp enable
genian(config)# exit

Note

If you want to monitor an untagged vlan, including the Native VLAN on a trunk/dot1q port, this can only be done on interface eth0. Specific VLAN interfaces (eth0.x) only monitor tagged traffic.

Delete A Specific VLAN Network Sensor

Note

This deletes a single VLAN Network Sensor and all Nodes and Node information.

Connect through SSH client to Network Sensor. Administration Console.
Enter ALL VLANs you wish to monitor, and exclude the Vlan to be deleted.

genian> enable
genian# configure terminal
genian(config)# interface eth0 vlan 10,20,40-50

Enter the following commands below for the Vlan Sensor Interface to be removed:

genian> enable
genian# configure terminal
genian(config)# no interface eth0.30 address X.X.X.X X.X.X.X
genian(config)# no interface eth0.30 gateway X.X.X.X
genian(config)# exit

If the interface is configured as a DHCP client , use the following method:

genian> enable
genian# configure terminal
genian(config)# no interface eth1 dhcp enable
genian(config)# exit

Go to System in the top panel.
Go to System > Sensor in the System Management panel.
Find and click on the IP Address of desired Network Sensor.
Find and click Delete in General tab.
Click OK to confirm.