• Genian NAC
  • My Genians
  • Contact
Genian NAC
5.0.39-92349

Deployment Guide

  • Deployment Overview
  • Phase 1 - Network Surveillance / Visibility
  • Phase 2 - Plan / Design
  • Phase 3 - Configure
  • Phase 4 - Test / Validate
  • Phase 5 - Expand Deployment

Administrator's Guide

  • Understanding Network Access Control
  • Deploying Genian NAC
  • Installing Genian NAC
  • Monitoring Network Assets
  • Controlling Network Access
  • Managing On-boarding Process
  • Managing User Authentication
  • Controlling Endpoints with Agent
  • Detecting Anomalies
  • Managing Logs and Events
  • Managing Systems

Developers

  • API Guide
  • Log Format

Support

  • Node Group Templates
  • Frequently Asked Questions
  • Troubleshooting
    • Genian NAC log collection and diagnostic method
    • Network
      • Network Sensor is not displayed in Web Console
      • Sensor link state is displayed as Down
        • Symptom
        • Cause
        • Resolution
      • Network Sensor is displayed as Failsafe
      • Running Genian Agent is not Detected in WebUI
      • Agent is Installed but not Running
      • 502 Proxy Error
    • Configuration
    • Operation
    • System
    • Interworking
  • Release Notes
  • Service Level Agreement
  • Answers
  • Slack Chat
Genian NAC
  • Docs »
  • Troubleshooting »
  • Sensor link state is displayed as Down
  • View page source

Sensor link state is displayed as Down¶

Symptom¶

Sensor link state is displayed as Down in the node management or sensor management screen.

../_images/sensor-down.png

Cause¶

The network sensor periodically sends a keep-alive packet to the policy server to inform that it is operating normally. If this packet is not forwarded to the policy server, the link status is displayed as Down.

The keep-alive packet communicates on the following ports:¶

On-Premeses
Allow for UDP / 3870 ports
Cloud-managed

(Varies)

Go to System> Service > Port and allow port in Keepalive section

../_images/keepalive-port.png

Resolution¶

In this case, the following should be confirmed:

  1. The network sensor is turned on.
  2. A communication path exists between policy server and network sensor on the keep-alive port. Ensure necessary exceptions on firewalls or other appliances.
  3. Through SSH on the Policy Server, inspect traffic using the command to see if the keep-alive packet is reaching the policy server: tcpdump -i eth0 host [Network Sensor IP] [keep-alive port] , to check for keep-alive packet.
Next Previous

© Copyright 2020, GENIANS, INC

Built with Sphinx using a theme provided by Read the Docs.