Network Configuration Using the TGSH Dialog

The initial Threat Grid Appliance network configuration is completed during the appliance setup using the TGSH Dialog, as documented in the Cisco Threat Grid Appliance Getting Started Guide. This chapter provides additional information about using the TGSH Dialog to make changes to your initial network configuration:

Modifying Network Configuration

The initial network configuration is completed using the TGSH Dialog. If you want to make changes to your initial network configuration, perform the following steps.


Note

If you are using DHCP to obtain IPs, see the Network section.

Procedure

Step 1

Login to TGSH Dialog.

Note 

If you are configured for LDAP Only authentication, you can only log into TGSH Dialog using LDAP. If authentication mode is set to System Password or LDAP, the TGSH Dialog login only allows the System login.

Step 2

In the TGSH Dialog interface, select CONFIG_NETWORK.

The Network Configuration console opens and displays the current network settings.

Step 3

Make any necessary changes (you need to backspace over the old entry before you can enter the new one).

Step 4

Leave the Dirty network DNS Name blank.

Step 5

After you finish updating the network settings, tab down and select Validate to verify your entries.

If errors occur, fix the invalid values and select Validate again.

After validation, the Network Configuration Confirmation page displays the entered values

Step 6

Select Apply to apply your configuration settings.

Detailed information about the configuration changes that have been made are displayed.

Step 7

Select OK.

The Network Configuration console refreshes again and displays the IP addresses. Network configuration is now complete.

Reconnecting to TGSH Dialog

TGSH Dialog remains open on the console and can be accessed either by attaching a monitor to the appliance or, if CIMC is configured, via remote KVM.

To reconnect to the TGSH Dialog, SSH into the Admin IP address as the user threatgrid. The required password is either the initial randomly generated password, which is visible initially in the TGSH Dialog, or the new Admin password you created during the first step of the Admin UI configuration (see the Cisco Threat Grid Appliance Getting Started Guide.

Configuring Network in Recovery Mode

Network configuration in recovery mode mirrors the full system (v2.7 and later):

  • All interfaces are brought up.

  • Firewall rules and policy routing restricts which processes can communicate on which interfaces.


Note

Support mode traffic on port 19791 is allow-listed across all three interfaces.

Perform the following steps to set up networking in recovery mode.

Procedure

Step 1

Reboot the Threat Grid Appliance (Operations > Power > Reboot) and then choose Recovery Mode in the boot menu.

Step 2

Once the system is up, press Enter several times to get a clean command prompt.

Step 3

Enter netctl clean and provide the following information:

  • Configuration type - static

  • IP Address - <Clean IP Address>/<Netmask>

  • Gateway Address - <Clean network gateway>

  • Routes - <leave blank>

  • Final Question - Enter y
Step 4

Enter Exit to apply the configuration.

The appliance will attempt to open an outbound support connection on the Clean interface on port 19791/tcp.