Why are there many different Unix agents using port 1621 on the Vulnerability Manager console computer?
How do I see what Unix agents are using port 1621 on the Vulnerability Manager console computer?
VigilEnt Security Agent for Unix 5.0
NetIQ Vulnerability Manager 5.0
NetIQ Vulnerability Manager 5.5
The VigilEnt Security Agent for Unix talks directly to Core Services, and not the Vulnerability Manager console. All agents registered in Vulnerability Manager use port 1621 to communicate with Core Services.
You can use the
netstat -na command to show the Unix agents currently using port 1621 to connect to Core Services. Some entries may be set to
close_wait status, which indicates that communication has completed, but the connection has not been released. Typically, the connection release from the agent operating system happens very quickly. However, in an environment in which the agents are in remote areas, or there are network throughput issues, connection dropoff can take several seconds to complete.
close_wait status should go away. However, the status might return when the agent needs to communicate with Core Services again. These connections should not cause a problem as long as the Core Services CPU usage is very low. If the connections completely hang and do not go away, restart Core Services and ping the Unix agent computers. If further assistance is needed, please contact NetIQ Technical Support.