Attempts to Mount a File System with In-transit Encryption Do Not Respond or Fail

Symptom: When mounting a file system using in-transit encryption, the process does not respond or fails.

Cause 1: Port 2051 is not open to TLS (Transport Layer Security) traffic. In-transit encryption uses TLS v.1.2 encryption.

Solution 1: Add the following rules to the security list for the VCN the mount target resides in, or add them to a network security group (NSG) associated to the mount target:

  • A stateful ingress rule allowing TCP traffic to a Destination Port Range of 2051.
  • A stateful egress rule allowing TCP traffic from a Source Port Range of 2051.

For more information about security rules for in-transit encryption, see Using In-transit Encryption.

For general information about security rules, see Configuring VCN Security Rules for File Storage.

Cause 2: The version of oci-fss-utils is out of date.

Solution 2: Upgrade to the newest version of oci-fss-utils:

  1. Uninstall the old oci-fss-utils package. For instructions, see To uninstall the OCI-FSS-UTILS package.
  2. Download and install the newest version of the oci-fss-utils package. For instructions, see Task 1: Download the OCI-FSS-UTILS package and Task 2: Install the OCI-FSS-UTILS package on Oracle Linux or CentOS.
  3. Remount the file system. For instructions, see Task 3: Mount the file system with the encryption command.