7

Troubleshooting

Last Update 5 dagen geleden

Restart Platform Services Central Server Network Configuration Guide SecOps Platform (Port 58443) Not Accessible On-Prem Management Console (Port 49431) Not Accessible On-Prem - Agentless Target Machine Prerequisites Check

Central Server Network Configuration Guide

Static IP and DHCP Usage for On-Prem Deployments

Dinesh

Last Update 4 maanden geleden

This document explains how network configuration works for the Central Server, and which configuration must be used in which scenario.
The Central Server must be consistently reachable by agents or target endpoints. If the Central Server IP changes unexpectedly:
  • Agents may stop reporting
  • Scans may fail
  • Manual recovery may be required
Static IP Configuration (Recommended)
During the initial on-prem installation, static IP configuration is applied on the central server. No further network changes are expected after installation in normal scenarios.


Static IP is mandatory for Agent-Based setup, because in agent-based deployments:

  • Agents are configured with the Central Server address during installation
  • Agents continuously communicate with the same server endpoint
  • The server address is expected to remain unchanged
If the Central Server IP changes:
  • Agents cannot automatically rediscover the server
  • Agents appear offline
  • Reconfiguration or re-onboarding will be required
⚠️ Warning
Using DHCP with agents can lead to unstable behavior and frequent agent disconnects.

DHCP Configuration

The Central Server can operate with DHCP, but this is not the default and should be used only when static IP is not feasible.
DHCP may be used when:
  • Central server is roaming across networks
  • The environment is non-persistent
  • Agentless scanning is the primary architecture

In agentless deployments, no agents rely on persistent server IP and scans are initiated from either central server or jump host. If DHCP is used and the Central Server IP changes:

  • Jump host configuration must be updated if any specific jump host is configured
  • Connectivity must be revalidated

⚠️ Warning
Failure to update jump host configuration will result in:

  • Scan failures
  • Connection timeouts
  • Discovery errors

    This is expected behavior and not a product issue.

        Central Server IP Address Change - Required Actions 

        Any change to the Central Server IP address requires manual intervention. The required actions depend on the deployment model (agent-based or agentless) and how endpoints are configured to communicate with the Central Server.
        Central Server Configured Using a Custom Domain
        If the on-prem setup is configured using a custom domain (for example, secops.company.com):
        • All agents and target endpoints should already be configured using the domain, not a raw IP address
        • In this case, no endpoint-level changes are required
        Only the following action is needed:
        • Update the DNS record at the router / DNS level to point the domain to the new Central Server IP
        Once DNS is updated and propagated, communication will resume automatically.This is the recommended approach for environments where IP changes are expected.
        Central Server Configured Using an IP Address
        If the Central Server is configured using a direct IP address, additional steps are required.
        Agentless / Jump-host architecture
        • If a jump host is used, the Central Server IP must be updated manually on the jump host. Any reference to the old IP must be replaced with the new IP.
        Agent-based architecture
        • All agents continue to communicate with the old IP
        • Agents will not reconnect automatically after an IP change
        • Configuration updates are required across all endpoints
          Updating Central Server IP on Linux / macOS Endpoints
          1. Navigate to the agent installation directory:

          2. Open the configuration file

          3. Update the BASE_URL value

          Replace <central_server_ip> with the new Central Server IP.

          4. Restart the agent service

          Repeat this process on all affected endpoints.

          Updating Central Server IP on Windows Endpoints

          1. Navigate to the agent installation directory:

          2. Open the configuration file:
          3. Update the BASE_URL value.
          Replace <central_server_ip> with the new Central Server IP or domain.
          4. Save the file.

          5. Restart the agent service.

          • Open Services (services.msc)
          • Locate the service named: SecopsService
          • Restart the service

          Was this article helpful?

          0 out of 0 liked this article

          Still need help? Message Us