Netsight server doesn't start its services - firewall in the path to Internet

The Netsight server is restarted and reboots successfully.
Oneview and other web-based Netsight apps work as expected.
Thick (Java) clients like Console and other Java-based apps do open and the login page comes up, but after entering the credentials the following message pops up: "The server has not started yet, please try again later."
Netsight: 7.0.6.x or earlier
Firewall: Fortigate
One of the Netsight suite components is a vulnerability scanning agent (Saint). At every server restart the system tries to update itself with new vulnerability definitions published for Saint on Extreme's website. Such a URL is 

There are two possible cases:
- Netsight has no Internet access: the request to that URL times out (15 sec), then JBoss server startup continues
- Netsight has Internet access: it opens a TCP connection to that URL and downloads the definitions if they are newer.

For the Java app's URL request to time out, the 3-way TCP handshake to that URL must either go unanswered (SYN not followed by SYN/ACK) or the TCP SYN must be rejected.

What happened:
- The firewall allowed the 3-way TCP handshake to complete, then blocked everything else
- The Java app that updates the Saint definitions saw that the URL connection was opened and waited for data before continuing
- Unfortunately the Java app didn’t have a timeout of its own (like “close URL if no data received after X seconds”), so it hung in that state

1) Configure the firewall to block/reject any TCP attempt from Netsight 
2) or allow Netsight to access ports 80/443 to * and  *

As a safety measure against such an issue occurring in the future, we modified our code to put a timeout on the Java app if no data arrives on an opened URL connection.
This change was added to software version or higher. 
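
The hang and the timeout fix described above can be reproduced on one machine. The Java program below is an added example, not Extreme's code: the class name, the local listener standing in for the firewall, the /definitions path and the 3-second read timeout are assumptions made for the demonstration.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.net.URL;
import java.net.URLConnection;

public class ReadTimeoutDemo {

    /** Requests the URL and reads one byte, giving up after the given timeouts (ms). */
    static String probe(URL url, int connectTimeoutMs, int readTimeoutMs) {
        long start = System.nanoTime();
        try {
            URLConnection conn = url.openConnection();
            // Both timeouts default to 0, which means "wait forever".
            conn.setConnectTimeout(connectTimeoutMs); // covers SYN with no SYN/ACK
            conn.setReadTimeout(readTimeoutMs);       // covers open connection, no data
            try (InputStream in = conn.getInputStream()) {
                in.read();
            }
            return "data received";
        } catch (SocketTimeoutException e) {
            long ms = (System.nanoTime() - start) / 1_000_000;
            return "timed out after " + ms + " ms: " + e.getMessage();
        } catch (IOException e) {
            return "failed: " + e;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the firewall behaviour: a listening socket whose
        // connections are never accepted or answered. The OS still completes the
        // 3-way handshake, so the client sees an open connection that stays silent.
        try (ServerSocket silent = new ServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
            URL url = URI.create("http://127.0.0.1:" + silent.getLocalPort()
                    + "/definitions").toURL(); // placeholder path
            // With a read timeout the update check fails fast and startup can continue.
            System.out.println(probe(url, 15_000, 3_000));
            // probe(url, 15_000, 0) would block indefinitely here, as in the incident:
            // the connect timeout never fires because the handshake succeeded.
        }
    }
}
```

The connect timeout alone does not help in this scenario, because the handshake completes; only the read timeout bounds the wait for data.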