I can't open port 6443

Posted: Mon Aug 08, 2022 12:30 pm
by johntwilkins
Hi Folks,

I am running an instance of OpenShift (Red Hat's version of Kubernetes) in my home lab, but I cannot share the API with my coworkers, because I cannot seem to open port 6443 on my Sonic router.

If I go to, navigate to Settings->Firewall->Applications, Pinholes and DMZ Settings, select the node, and select Edit or Delete a User-Defined Application, I can create an entry for OpenShift and it will indicate:

tcp 6442-6444 6443 86400

I've tried setting just the port, a port range, the port range and port, and it seems to accept the setting. However, it does not open the port, and the status screen does not indicate that the port is open--and when I test the URL with the port number, it doesn't connect. I know the URL works inside the firewall.

Can anyone advise on why opening up port 6443 isn't working? I called support and they directed me here.

Re: I can't open port 6443

Posted: Mon Aug 08, 2022 12:45 pm
by johntwilkins
I finally figured it out. When you select Add a User-Defined Application or Edit or Delete a User-Defined Application, it is only adding that application name and port or port range to the list of applications. You then have to scroll through the list of applications, find your added application, then press the Add button.

Technical support wasn't able to help me with this. Maybe you want to create a KBase article or update the technical support folks about how to do this.

Re: I can't open port 6443

Posted: Fri Aug 19, 2022 9:59 am
by brandonc
Hey John,

I'm glad to hear that you were able to figure this out and get things working on your own! I'm sorry that we weren't able to help you with this.

When it comes to editing anything inside the Firewall section of the gateway, we are unable to help or guide customers through that due to the liability risks involved with possibly compromising our customer's network security.

If you ever get stumped on something like this again, I would try posting here in the forums again or searching the forum to see if there's an older thread regarding the same problem. There a lot of really knowledgeable users here that can sometimes help with the more complex/unsupported issues that we are unable to assist with.

Kind regards,