Stef, Note: this is a personal view.
There are usually two ports involved in a TCP communication: the listening and the talking port. What is usually defined during a TCP dependent software configuration is the listening port which has to be static, while the talking port is randomly generated by the system. And since the value of your schedmod is "polling", port 32850 might be the one your client was using to try poll the server and it timed out because the server didn't response back. Jimmy. issue on the server. --- Stef Coene <[EMAIL PROTECTED]> wrote: > On Friday 10 September 2004 22:02, T. Lists wrote: > > Hey all - I know this one has been asked before, > but I > > can't seem to find a solution to my problem. IBM > has > > been a bit snitty - telling me it's a > > "communications/network" problem. Ok, maybe not > > snitty - maybe I'm just having a bad day. > > > > Anyway. > > > > TSM server AIX 5.1, TSM 5.2.0 > > Linux client TSM 5.2.3 > > > > The linux client is in the dmz outside the > firewall. > > (And, for the record, I've never set up a client > that > > was outside the firewall) I've tried both the > "method > > 1" and "method 2" called out in the Unix BA > manual. > > Now I'm concentrating on "method 1" which is the > > method where you open ports on the firewall. > > > > Have asked my firewall admin to open ports 1500, > 1501, > > 1581. He says they are open. > 1500 is enough > > > dsm.sys contains (among other things) > > COMMmethod TCPip > > TCPPort 1500 > > TCPServeraddress <server ip addr> > > passwordaccess generate > > schedmode polling > > nodename lin01 > > tcpclientaddress <client ip addr> > > httpport 1581 > > tcpclientport 1501 > > webports 1582 1583 > > > > Simply trying a "dsmc inc" from the client > eventually > > times out with: > > > > [EMAIL PROTECTED] var]# dsmc inc > > IBM Tivoli Storage Manager > > Command Line Backup/Archive Client Interface - > > Version 5, Release 2, Level 3.0 > > (c) Copyright by IBM Corporation and other(s) > > 1990, 2004. All Rights Reserved. > > > > Node Name: LIN01 > > ANS1017E Session rejected: TCP/IP connection > > failure > > > > > > Running a tcpdump during this shows that the > > destination port that is trying to be reached is > 1500 > > on the server (which is correct), but the source > port > > on the client is 32850. I assume my problem is > > because the firewall admin hasn't opened port > 32850 - > > however from other posts I gather this is a > randomly > > assigned port on the client? Is it governed by a > > parameter I'm unaware of? Or, might this not be > my > > problem at all? > That's not the problem. > Your client connects TO port 1500 on the TSM server. > So you have to open port > 1500 to your TSM server. But each connection > requires also a port on the > client to receive data and that's port 32850. But > the firewall knows this > and will allow the packets coming back. > > Just open the port 1500 from the client in the dmz > to the server in your lan > and it shoud work. > > Stef > __________________________________ Do you Yahoo!? Y! Messenger - Communicate in real time. Download now. http://messenger.yahoo.com
