NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Alain_Sanchez's avatar
Alain_Sanchez
Aspirant
Feb 13, 2023

Disable in-band management on M4300-28G

I want to disable any in-band management possibility on my M4300-28G and leave only OOB management. Currently I'm using the switch as a router and set the management vlan to 999 which is a vlan that...
schumaku's avatar
schumaku
Guru - Experienced User
Feb 14, 2023

 

 

Alain_Sanchez wrote:

Ok, I'm now filtering access to management services using Management ACLs but I still see some webservice listening on tcp/8443, and I can't find out how to disable it. 

The M4300 series switch does host the REST API service using the https protocol on port 8443 afaik.

 

Alain_Sanchez wrote:

I changed SSH service to port 2200 and activated my Access Profile, then ran an Nmap scan from Internet and it shows port 22 being explicitly filtered but not the new port SSH is listening (2200). Any suggestion? 

Port 22 shows as explicitly filtered because it is eg. remapped internally.

 

Seriously have ports like 2200/tcp mapped and suspect open to the wild Internet?

 

 

 

 

 

LaurentMa's avatar
LaurentMa
NETGEAR Expert
Feb 14, 2023

Hi Team, if you don't want to see the TCP ports opened any more (Rest API and AV UI) please stop the applications and un-install them. You can re-install them later in the CLI if needed.

 

User:admin
Password:********
(M4300-28G) >enable

(M4300-28G) #show application

OpEN application table contains 3 entries.

Name StartOnBoot AutoRestart CPU Sharing Max Memory Preload Version
---------------- ----------- ----------- ----------- ---------- ------- -------------------
AVUI Yes Yes 0 0 Yes 2.2.3.11
RestAgent Yes Yes 0 0 Yes 2.0.1.32
discAgent Yes Yes 0 0 Yes 1.0.0.3


(M4300-28G) #application stop AVUI

Application stopped.

(M4300-28G) #application stop RestAgent

Application stopped.

(M4300-28G) #config

(M4300-28G) (Config)#no application install AVUI

(M4300-28G) (Config)#no application install RestAgent

(M4300-28G) (Config)#exit

(M4300-28G) #save

  • Alain_Sanchez's avatar
    Alain_Sanchez
    Aspirant
    Feb 14, 2023

    LaurentMa 

     

    Firmware version is 12.0.15.7.  Can't see AVUI, RestAgent application but switch still listening on tcp/8443.

     

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More