Resolution
Why are there many different Unix agents using port 1621 on the Vulnerability Manager console computer?
goal
How do I see what Unix agents are using port 1621 on the Vulnerability Manager console computer?
fact
VigilEnt Security Agent for Unix 5.0
fact
NetIQ Vulnerability Manager 5.0
fact
NetIQ Vulnerability Manager 5.5
fix
The VigilEnt Security Agent for Unix talks directly to Core Services, and not the Vulnerability Manager console. All agents registered in Vulnerability Manager use port 1621 to communicate with Core Services.
You can use the netstat -na command to show the Unix agents currently using port 1621 to connect to Core Services. Some entries may be set to close_wait status, which indicates that communication has completed, but the connection has not been released. Typically, the connection release from the agent operating system happens very quickly. However, in an environment in which the agents are in remote areas, or there are network throughput issues, connection dropoff can take several seconds to complete.
Eventually the close_wait status should go away. However, the status might return when the agent needs to communicate with Core Services again. These connections should not cause a problem as long as the Core Services CPU usage is very low. If the connections completely hang and do not go away, restart Core Services and ping the Unix agent computers. If further assistance is needed, please contact NetIQ Technical Support.