Cloud Managed Networks


How to know if port 4500 is open in Wan access

  • 1.  How to know if port 4500 is open in Wan access

    EMPLOYEE
    Posted Sep 03, 2024 11:28 AM

    Hi,

    I have a BGW and a VPNC installed, but the tunnel is not established between them. I am trying to see if from one of the Gateways I can check if port 4500 is open when establishing the tunnel, but I do not have access to the INET routers, so I would like to know if there is any way to check it from the Gateway, something similar to a #telnet ip_destination port 4500.

    Thanks



  • 2.  RE: How to know if port 4500 is open in Wan access

    Posted Sep 05, 2024 11:39 AM

    You could run the 'show datapath session' and see if there is traffic arriving on port 4500 (or if the controller is attempting to send traffic). For an established tunnel you should see two entries per tunnel (example below is tunnel between 192.168.31.33 and both 192.168.36.8 and .11):

    192.168.31.33     192.168.36.8    17   4500  4500  0 /0     0    0   82  0/0/1       1bc7 0          0          FY              1        16421/0   /0    1
    192.168.31.33     192.168.36.11   17   4500  4500  0 /0     0    0   93  0/0/1       1c7a 0          0          FY              1        16421/0   /0    1
    192.168.36.11     192.168.31.33   17   4500  4500  0 /0     0    48  0   0/0/1       1c7a 132777     28720444   FC              1        16421/0   /0    80040
    192.168.36.8      192.168.31.33   17   4500  4500  0 /0     0    40  0   0/0/1       1bc7 134951     29323504   FC              1        16421/0   /0    80040


    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------
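
The check described in the reply above, as an added example that is not part of the original thread and is not HPE Aruba code: a Python script that reads pasted 'show datapath session' output and reports, per remote peer, whether UDP 4500 rows exist in both directions. It assumes the first five columns are source IP, destination IP, IP protocol, source port and destination port, as in the rows quoted above; the function names, the `local_ip` parameter and the 192.168.36.20 row are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Rows 1-4 are the ones quoted in the reply above; the last row is
# constructed here to show a peer with no return traffic.
SAMPLE = """\
192.168.31.33     192.168.36.8    17   4500  4500  0 /0     0    0   82  0/0/1       1bc7 0          0          FY              1        16421/0   /0    1
192.168.31.33     192.168.36.11   17   4500  4500  0 /0     0    0   93  0/0/1       1c7a 0          0          FY              1        16421/0   /0    1
192.168.36.11     192.168.31.33   17   4500  4500  0 /0     0    48  0   0/0/1       1c7a 132777     28720444   FC              1        16421/0   /0    80040
192.168.36.8      192.168.31.33   17   4500  4500  0 /0     0    40  0   0/0/1       1bc7 134951     29323504   FC              1        16421/0   /0    80040
192.168.31.33     192.168.36.20   17   4500  4500  0 /0     0    0   5   0/0/1       1d01 0          0          FY              1        16421/0   /0    1
"""

UDP, NAT_T_PORT = "17", "4500"

def natt_flows(session_text):
    """Yield (src, dst) for every UDP row with port 4500 on either side."""
    for line in session_text.splitlines():
        cols = line.split()
        if len(cols) < 5:
            continue
        src, dst, proto, sport, dport = cols[:5]
        try:
            ipaddress.ip_address(src)
            ipaddress.ip_address(dst)
        except ValueError:
            continue  # header, separator or prompt line, not a session row
        if proto == UDP and NAT_T_PORT in (sport, dport):
            yield src, dst

def tunnel_status(session_text, local_ip):
    """Map each remote peer to 'both', 'outbound-only' or 'inbound-only'."""
    seen = defaultdict(set)
    for src, dst in natt_flows(session_text):
        if src == local_ip:
            seen[dst].add("out")
        elif dst == local_ip:
            seen[src].add("in")
    def label(dirs):
        if dirs == {"in", "out"}:
            return "both"
        return "outbound-only" if "out" in dirs else "inbound-only"
    return {peer: label(dirs) for peer, dirs in seen.items()}

if __name__ == "__main__":
    for peer, state in tunnel_status(SAMPLE, "192.168.31.33").items():
        print(f"{peer:16} {state}")
```

A peer reported as "outbound-only" means the gateway is sending on UDP 4500 and no return row is present; a peer that is missing from the result has no UDP 4500 rows at all, so nothing is being sent or received for it.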



  • 3.  RE: How to know if port 4500 is open in Wan access

    EMPLOYEE
    Posted Sep 06, 2024 03:43 AM

    Thanks for the input, but the problem is that the tunnels are not established, and I would like to check if the cause is that port 4500 is not open.

    When performing a "show datapath session", it shows nothing on port 4500.




  • 4.  RE: How to know if port 4500 is open in Wan access

    EMPLOYEE
    Posted 27 days ago
    Sorry, I didn't explain myself well. I mean that the BGW doesn't try to establish a tunnel with the VPNC, and it's something that fails in the VPNC, since it does establish tunnels against other VPNCs, and if I try with other BGWs to this VPNC the tunnels become inactive. For that reason, I wanted to see how to check the port 4500, in case it's due to that. Anyway, I've already solved it, creating the VPNC group again. Thanks.