cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Changing IP address of Standalone 80.10 appliance

We have a standalone appliance running 80.10.  We need to change the management IP.

I came across a previous inquiry post, but the system in that case was running 77.30 and it turned out they were only wanting to change the IP of an interface that isn't tied to the Security Management.

I did go over sk40993 "How to change the IP Address of a Security Management" but that seems to assume that the Security Management is a separate server with it's own IP.

In my case there's only one object related to the appliance.  If I change the IP of the object to the new IP, then SmartConsole is unable to push the policy as it then loses connection to the gateway side of the appliance.

If I then change the management IP in Gaia, then I lose the SmartConsole connection.  If I then try to reconnect SmartConsole to the appliance, it won't connect.   It is as if the Security Management is still using the original IP.

I assume cpstop/cpstart restarts the Security Management server ("api status" seems to show this to be the case) but that doesn't seem to have the Security Management server in the standalone start using the new IP.

If I go back to Gaia and change the IP back to the original IP, then I can reconnect SmartConsole to the Security Management.

I looked into sk103356 but there's no ICAip in the registry, nor was I able to find any IP reference in said registry.

Once I get SmartConsole to be able to connect to the new IP and show connection to the gateway, I can handle any other IP related changes.

Originally when I changed the IP from the appliance front panel, I would get locked out of Gaia completely, as the policy wasn't allowing connections to the new IP.   I added an object with the new IP to allow the connection so with either IP configured, I can at least connect to Gaia.

How do I fix this short of running the First Time Configuration again?

0 Kudos
1 Reply
Admin
Admin

Re: Changing IP address of Standalone 80.10 appliance

Suggest creating explicit rules that permit HTTPS (TCP 443), CPMI (18190), and CPM (19009) from your SmartConsole machine to the new gateway IP.
Do not change the IP of the gateway object yet.
Push policy.
Then try changing the IP of the relevant object in SmartConsole.
0 Kudos