Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Error: "refused connect from xx.xx.xx.xx (name/address mismatch)"

Status
Not open for further replies.
Stinney

Stinney

IS-IT--Management
Nov 29, 2004
2,028
0
36
US

We have an application running on our Solaris and in the past week we've had users running into login issues. The application returns an error that it can't establish a connection.

I checked the message log and found the error: "refused connect from xx.xx.xx.xx (name/address mismatch)"

What we found is if the domain controller has 7 or more records in the PRT this will start to happen. If we clear the PRT and leave only the user's computer name in the PRT the application will connect.

I tried changing the nsswitch.conf so hosts had an entry of: "hosts: files dns [NOTFOUND=return]" but that didn't work.

Is it possible that the DNS server is just taking too long to respond with a reply?

- Stinney

Favorite all too common vendor responses: "We've never seen this issue before." AND "No one's ever wanted to use it like that before.
 
Sort by date Sort by votes
What application is it? Can the matching of IP to DNS be turned off in the application?

I think you meant PTR, not PRT... normally an application will only examine the first (or 'official') hostname it receives from a reverse lookup, so unless you can remove all of the duplicate/alias entries like you described I don't see how you can get around it. Have you any idea why there are so many duplicates?

Annihilannic.
 
Upvote 0 Downvote

The application is Avaya's CMS Supervisor.

I don't manage the domain controllers, so I don't know why there are so many entries.

I do know that we only lease IP addresses for 8 days and several users have laptops and go from floor to floor, connecting to the network and at each location they get a different IP address.

- Stinney

Favorite all too common vendor responses: "We've never seen this issue before." AND "No one's ever wanted to use it like that before.
 
Upvote 0 Downvote
I would read the Avaya documentation or, failing that, contact Avaya to find out whether you can turn off that 'security'.

Annihilannic.
 
Upvote 0 Downvote
First, you probably have lots of entries because scavenging is not enabled or misconfigured. There have been lots of hints about this in the DNS forum.

Perhaps (my guess) that the software only allows connection from xxx.yourdomain.com and since the reverse fails, it doesn't allow it. Perhaps it can be reconfigured to allow certain TCP/IP network numbers so it doesn't do this check?
 
Upvote 0 Downvote

I found the problem. I had someone in the company helping me to set up email on the system. He added a DNS definition in the resolv.conf file where there wasn't one before.

I commented out the added lines and everything is working now.

- Stinney

Favorite all too common vendor responses: "We've never seen this issue before." AND "No one's ever wanted to use it like that before.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

tekmhe
  • Locked
  • Question
Using a PC, how to delete files from a Sunblade 150 IDE drive?
Replies
3
Views
108
SamBones
SamBones
mystradivarius
  • Locked
  • Question
Sun Fire V440 "I need help to replace server"
Replies
2
Views
114
mystradivarius
mystradivarius
SamBones
  • Locked
  • Question
Is ZFS "largefile" Aware?
Replies
2
Views
73
AIXSolarisAdmin
AIXSolarisAdmin
Ramakrishna Jujare
  • Locked
  • Question
Porting applications from AIX to Solaris platform
Replies
0
Views
90
Ramakrishna Jujare
Ramakrishna Jujare
solarworld
  • Locked
  • Question
CHALLANGE - rcp permission error - rsh working ok?
Replies
0
Views
42
solarworld
solarworld

Part and Inventory Search

Sponsor

Back
Top