What to do if the Omada Software Controller fails to start on Linux after modifying the port ( Controller 5.5.6 or above)

Omada Software Controller uses HTTPS ports 8043 and 8843 for controller management and portal, respectively, and HTTP port 8088 for both controller management and portal. For more information on which ports are used by Omada SDN Controller, please refer to FAQ3281.

You can modify these ports, for example, change the HTTPS port for controller management to 443, but please note that if you are using Omada SDN Controller on Linux, avoid using port 443, because non-root users are not allowed to run services on this port, which will cause the controller to fail to start.

But what if you have already changed the HTTPS management port to 443 and the controller can’t start? Here are some solutions.

Solution 1. Modify settings in “omada.properties” file.

The “omada.properties” file stores some parameters of Omada SDN Controller, and is usually located in the “/opt/tplink/EAPController/properties/” path. The settings for the ports used by the controller in the file are as follows.

#web config

# After Omada Controller is initialized, the configuration of the following three ports will be overwritten.

manage.http.port=8088

manage.https.port=8043

portal.http.port=8088

portal.https.port=8843

However, once the controller is initialized, your changes to the ports in this file will not take effect, and your changes to the ports on the controller webpage will not be synchronized to this file. That is, even if you have already changed the HTTPS management port to 443, it will still show “manage.https.port=8043” here.

To make the port settings here take effect, you need to manually add a new parameter “web.config.override=true”, and then start the controller, the HTTPS management port will be changed to 8043.

#web config

# After Omada Controller is initialized, the configuration of the following three ports will be overwritten.

web.config.override=true

manage.http.port=8088

manage.https.port=8043

portal.http.port=8088

portal.https.port=8843

Then please change the HTTPS management port to 8043 or other ports above 1024 on controller webpage. After that, edit the “omada.properties” file again and set “web.config.override” to false, or delete the parameter.

Solution 2. Allow non-root users to use privileged ports.

The parameter net.ipv4.ip_unprivileged_port_start defines the first unprivileged port in the network namespace. The value defaults to 1024, which means that ports below 1024 are privileged ports and therefore cannot be used by non-root users.

You can execute the command “sysctl net.ipv4.ip_unprivileged_port_start=443” with root privileges to enable non-root users to use port 443 and above, then start the controller, change the HTTPS management port to 8043 or other ports above 1024 on the controller webpage, and restart the controller.

Then execute the command “systctl net. ipv4.ip_unprivileged_port_start=1024” to restore the default settings, as opening privileged ports to non-root users may pose some risk.