Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Stopping InterScan Web Virtual Appliance (IWSVA) from using certain TCP/UDP client port numbers

    • Updated:
    • 28 Nov 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

You want InterScan Web Virtual Appliance (IWSVA) NOT to use certain TCP/UDP client port numbers because of some specific system restrictions. This article contains the workaround to address this issue.

Details
Public

IWSVA uses the port range starting from 1024 to 65535 as TCP/UDP client port numbers to improve the performance.

However some network filtering systems (such as a firewall) do not allow using certain TCP/UDP client port numbers. Since it can be difficult to implement some specific rules on these systems' side, the following workaround is available in IWSVA in order to address that matter.

To stop using the certain TCP/UDP client port numbers:

  1. Log on to IWSVA as root via SSH (for example with a SSH shell such as PuTTy).
  2. Create a backup of /etc/sysctl.conf:

    # cp /etc/sysctl.conf /etc/sysctl.conf.bak

  3. Use vi to edit the file /etc/sysctl.conf.

    # vi /etc/sysctl.conf

  4. Add the following to the end of the file.

    • Example: To exclude 2000, 2010, 2020:

      net.ipv4.ip_local_reserved_ports=2000,2010,2020
    • Example: To exclude the range from 2030 to 2050:

      net.ipv4.ip_local_reserved_ports=2030-2050
    • Example: To exclude 2000, 2010, 2020 and the range from 2030-2050:

      net.ipv4.ip_local_reserved_ports=2000,2010,2020,2030-2050
  5. Save the file and quit.
  6. Run the following command to refresh with the new configuration:

    # sysctl -p 

Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1121671
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.