298005 - Connection Refused

Agent error code #298005 indicates that the agent attempted to connect to a firewall, but the connection was actively refused. The firewall's host is reachable, but nothing is listening on the specified port, or a firewall rule is blocking the connection.

This error is distinct from timeout errors (#298001): TODO, where the connection attempt receives no response at all. A "connection refused" response means the target host was reached but rejected the connection.

Common causes include:

• The management interface or API service on the firewall is not running
• The port number configured in Knocknoc is incorrect
• A host-based firewall on the target device is blocking the connection
• The firewall's management interface is bound to a different IP address or interface

Steps to Resolve

Verify the Hostname and Port

1. Confirm the hostname or IP address configured in Knocknoc matches the firewall's management interface
2. Verify the port number is correct for the firewall's API (refer to the Knocknoc setup guide: TODOguide for the specific firewall type)
3. If the firewall uses a non-standard port for management, ensure this is reflected in the Knocknoc configuration

Check the Firewall's Management Service

1. Log into the firewall directly (via console or alternate management method) to verify it is operational
2. Confirm the management interface or API service is enabled and running
3. Check if the management service is bound to the correct interface or IP address

Review Access Controls

1. Check if the firewall's management interface has IP-based access restrictions that exclude the agent's IP address
2. Ensure any intermediate network devices or firewalls allow traffic on the management port

Still Having Issues?

We can help you out, contact us at support@knocknoc.io.