Attempts to Mount a File System with In-transit Encryption Do Not Respond or Fail
Symptom: When mounting a file system using in-transit encryption, the process does not respond or fails.
Cause 1: Port 2051 is not open to TLS (Transport Layer Security) traffic. In-transit encryption uses TLS v.1.2 encryption.
Solution 1: Add the following rules to the security list for the VCN the mount target resides in, or add them to a network security group (NSG) associated to the mount target:
- A stateful ingress rule allowing TCP traffic to a Destination Port Range of 2051.
- A stateful egress rule allowing TCP traffic from a Source Port Range of 2051.
For more information about security rules for in-transit encryption, see Using In-transit Encryption.
For general information about security rules, see Configuring VCN Security Rules for File Storage.
Cause 2: The version of
oci-fss-utils is out of date.
Solution 2: Upgrade to the newest version of
- Uninstall the old
oci-fss-utilspackage. For instructions, see To uninstall the OCI-FSS-UTILS package.
- Download and install the newest version of the
oci-fss-utilspackage. For instructions, see Task 1: Download the OCI-FSS-UTILS package and Task 2: Install the OCI-FSS-UTILS package on Oracle Linux or CentOS.
- Remount the file system. For instructions, see Task 3: Mount the file system with the encryption command.