.. _adding-deleting-network-sensors: Adding and Deleting Network Sensors =================================== As your network changes, you may add or delete sensors. * If you add a new remote management segment, you can install a Network Sensor device at the remote site for management. * If a management segment is added to an existing Network Sensor, you can add another interface to the existing Network Sensor. * For single-interface appliances, you can manage multiple VLANs via an 802.1Q trunk port. Add a New Network Sensor ------------------------ When a new remote management segment is added, you need to connect the Network Sensor to the Policy Server. For instructions on adding a new Network Sensor, refer to :ref:`installing-network-sensor`. Once installation is complete, you can verify the Network Sensor in the Web Console menu under **System > System Management > Sensor Management**. Delete an Existing Network Sensor --------------------------------- .. note:: | Deleting a Network Sensor will also delete all connected VLANs and node information. #. Disconnect the **Network Sensor** device from the network and power it off. #. Access the **Policy Server Web Console**. #. Go to **System** in the top menu. #. In the System Management section, go to **System > System Management**. #. Click the **Checkbox** for the desired Network Sensor. #. Click **Select Task > Delete Device**. #. Click **OK** to confirm. Add Interfaces to an Existing Network Sensor -------------------------------------------- This option allows you to monitor separate LANs or VLANs on a single sensor appliance without using a trunk port. **One wired interface is required for each network.** **Network Sensors cannot be added through the Web Console; you must configure sub-interfaces on the existing eth0 or eth1 interface using the CLI console.** #. Connect to the Network Sensor via **SSH client**. See :ref:`console` for CLI access instructions. #. Enter the following commands for each Network Sensor to be added: In the example below, eth0 is already configured. eth1 will be configured to monitor a separate LAN. .. code-block:: bash $ sudo su - # Gain root privileges $ cd /etc/netplan # Move to the netplan directory for network settings $ vim *.yaml # Edit the network configuration file under netplan # *.yaml # network: # version: 2 # renderer: NetworkManager # ethernets: # eth0: # dhcp4: false # addresses: [IP address/CIDR] # gateway4: Gateway IP # nameservers: # addresses: [IP address] # # eth1: # dhcp4: false # addresses: [IP address/CIDR] # gateway4: Gateway IP # nameservers: # addresses: [IP address] $ netplan apply # Apply the modified *.yaml file $ cd /usr/geni # Move to the directory to reboot DKNS $ ./compose restart dkns # Reboot DKNS Example of editing the yaml file: .. image:: /images/netplan2.png :width: 450px If you do not use a static IP, configure DHCP: .. code:: bash $ vim /etc/netplan/*.yaml # Edit the *.yaml file # *.yaml # ... # eth0: # dhcp4: false # addresses: [] $ netplan apply # Apply the modified *.yaml file $ cd /usr/geni # Move to the directory to reboot DKNS $ ./compose restart dkns # Reboot DKNS Delete an Existing Network Sensor Interface ------------------------------------------- .. note:: | This function deletes a single Network Sensor and all nodes and node information. 1. Connect to the Network Sensor via **SSH client**. See :ref:`console` for CLI access instructions. 2. Enter the following commands for each Network Sensor to be deleted: .. code:: bash $ sudo su - # Gain root privileges $ cd /etc/netplan # Move to the netplan directory for network settings $ vim *.yaml # Edit the network configuration file under netplan # *.yaml - Delete the configured interface # ... # eth0: # dhcp4: false # addresses: [IP address/CIDR] # gateway4: Gateway IP # nameservers: # addresses: [IP address] $ netplan apply # Apply the modified *.yaml file 3. In the Web Console, go to **System** in the top menu. 4. In the System Management panel, go to **System Management > Sensor Management**. 5. Click the **IP Address** of the Network Sensor to be modified. 6. Click **Node Task > Delete**. 7. Click **OK** to confirm. Add VLANs (Sub-Interfaces) to an Existing Trunk Interface --------------------------------------------------------- This option is used when the Network Sensor is installed in trunk port mode. You can add up to 128 VLANs per device, but it is recommended to use up to 64 VLANs. **Network Sensors cannot be added through the Web Console; you must configure sub-interfaces on the existing eth0 or eth1 interface using the CLI console.** #. Connect to the Ubuntu device where the Network Sensor is installed via **SSH client**. See :ref:`console` for CLI access instructions. #. Add all VLAN interfaces to be monitored. #. Set the IP and Gateway for each added VLAN interface. The suffix after eth0 for each VLAN is determined by the VLAN ID. Below is an example of adding sensors to VLANs 109 and 114. Repeat the process for all VLANs to be monitored. .. code:: bash $ sudo su - # Gain root privileges $ cd /etc/netplan # Move to the netplan directory for VLAN settings $ vim *.yaml # Edit the network configuration yaml file # *.yaml # network: # version: 2 # renderer: NetworkManager # ethernets: # eth0: # dhcp4: false # addresses: [IP address/CIDR] # gateway4: Gateway IP # nameservers: # addresses: [IP address] # # # vlans: # # eth0.VLANID: # id: VLANID # link: eth0 # addresses: [IP address/CIDR] # # eth0.VLANID: # id: VLANID # link: eth0 # addresses: [IP address/CIDR] $ netplan apply # Apply the modified *.yaml file $ cd /usr/geni # Move to the directory to reboot DKNS $ ./compose restart dkns # Reboot DKNS Example of editing the yaml file: .. image:: /images/netplan_vlan.png :width: 450px If you do not use a static IP, configure DHCP: .. code:: bash $ vim /etc/netplan/*.yaml # Edit the *.yaml file # *.yaml # ... # eth0.VLANID: # dhcp4: false # addresses: [] $ netplan apply # Apply the modified *.yaml file $ cd /usr/geni # Move to the directory to reboot DKNS $ ./compose restart dkns # Reboot DKNS .. note:: For **CISCO switches**, be careful not to add the Native VLAN to the sensor. The **Native VLAN (default: VLAN 1)** cannot be monitored by a sensor configured on a trunk port. Delete VLANs from an Existing Trunk Interface --------------------------------------------- .. note:: | This function deletes a single Network Sensor and all nodes and node information. 1. Connect to the Network Sensor via **SSH client**. See :ref:`console` for CLI access instructions. 2. Delete the existing trunk VLAN settings from the configuration file. 3. To remove the VLAN sensor interface, enter the following commands: .. code:: bash $ sudo su - # Gain root privileges $ cd /etc/netplan # Move to the netplan directory for network settings $ vim *.yaml # Edit the network configuration file under netplan # *.yaml - Delete the configured VLANs # ... # vlans: # # eth0.VLANID: # id: VLANID # link: eth0 # addresses: [IP address/CIDR] $ netplan apply # Apply the modified *.yaml file 4. In the Web Console, go to **System** in the top menu. 5. In the System Management panel, go to **System Management > Sensor Management**. 6. Click the **IP Address** of the Network Sensor to be modified. 7. Click **Node Task > Delete**. 8. Click **OK** to confirm.