IP traffic denied

GaZZaW

Technical User
Sep 3, 2002
44
NL
Hello,
We are busy with an IP migration in our enterprise from 192.168.x.x to 10.x.x.x and we have an incident that no one seems to have an answer to.
It's about data traffic between a Novell 5.1 sp6 server and an NDPS printer at a remote location.
The remote office is now on a 10.x.x.x network and the server is still on the 192.168.x.x network. The route to the new IP has been changed and all works well.
The problem is that the server is still trying to communicate with the printer at the old address, but seeing as this is no longer reachable the traffic is routed to the firewall and gets dumped... also not a problem really, but the logging on the firewall is becoming a problem. It's logging 10 denies per second = 864000 per day = 140Mb extra info in the log and our security officer is getting a bit fed up with it. Here is a sample of the log.
********************************************************
Feb 16 05:47:10 10.0.15.254 Feb 16 2006 05:47:10: %FWSM-3-106011: Deny
inbound (No xlate) tcp src inside:192.168.15.249/893 dst
inside:192.168.147.195/515
*********************************************************
Our NDS admins don't have an answer. They have removed the printer object and replaced it five or six times but this has no effect.
Does anyone here have any ideas?
A real brain teaser.

Thanks in advance

Gary
 
Odd. NDS healthy? Timesync good?

Suggest removing the printer from NDS and waiting an hour to see if the traffic stops.
 
The idea man just arrived..

- Check your hosts file. Make sure you have a 'localhost' entry and that it says 127.0.0.1. This fouls up many many NDPS configurations.
- You never said anything about changing the IP address of the printer agent.. Did you?
- What object was deleted? NDS object out of NWADMIN or iManager? What about the Printer agent running on the server?
- You might want to try changing the IP address of the agent on the server console through the NDPS manager.. Depending on your configuration, this could be your hangup.
- You said you updated the route information... are you talking about on the Server itself in INETCFG?
- Can you ping the printer at the new address from the server console?

Why not just set up a new printer to the new IP address and see how that works? Then dump the one that is apparently malfunctioning and push out drivers for the new one. Easy deal.



Marvin Huffaker, MCNE
 
Adding onto what Marv said, when you delete the NDPS Printer object, it doesn't remove the Printer from the NDPS Manager so check on the NDPS Manager to ensure it has definitely been removed.

When you delete the NDPS Printer, you will get a message similar to "This printer is the only printer representing the Printer Agent. Deleting it will make the Printer a Public Access printer. Do you want to delete the printer anyway?". This indicates that the printer will still be accessible even though the NDPS Printer object has been deleted.

If you delete the Printer from the NDPS Manager (from the server or from the NDPS Manager object in NetWare Administrator), you get a message stating that if you proceed, the NDPS Printer object will be deleted also. IMHO this is the favourable way to delete NDPS Printers.

------------------------------------------------------------------------------------
"Life is like a box of chocolates, you never know what you're gonna get!"
------------------------------------------------------------------------------------
 
Thanks guys for pointing me in the right direction.
It was the printer agent. The local system administrator had configured the printer with a new host name and IP and hadn't deleted the old printer agent with old IP instead of just changing the IP on the agent with the old printer name... and he never told anyone that!!! After stopping the broker on the server and seeing that the denies stopped we soon found what it was.
Moral of the story.. never trust a local sys admin without a CNA cert :)

Thanks again

Gary
 
I never trust some of the CNEs I work with because they wouldn't know a NetWare server if it came and bit them on the backside lol. My moral is that anyone can pass an exam but it takes a bit more than that to become an expert :D

------------------------------------------------------------------------------------
"Life is like a box of chocolates, you never know what you're gonna get!"
------------------------------------------------------------------------------------
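
An added example, not part of the original thread: a small Python parser for the %FWSM-3-106011 deny records quoted in the first post. It groups denies by source, destination and destination port so that a single stale flow, like the server still calling the printer's old address, stands out from the rest of the log. Every log line except the first record is constructed for illustration, and the function names are this example's own.

```python
import re
from collections import Counter

# Body of the 106011 message as it appears in the log sample in this thread.
# \s+ between fields tolerates records that are wrapped across several lines.
DENY_RE = re.compile(
    r"%FWSM-3-106011:\s+Deny\s+inbound\s+\(No xlate\)\s+(?P<proto>\w+)\s+"
    r"src\s+(?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+)\s+"
    r"dst\s+(?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+)"
)

def parse_denies(text):
    """Return one dict per 106011 record, wrapped or not."""
    return [m.groupdict() for m in DENY_RE.finditer(text)]

def top_flows(text, n=5):
    """Count denies per (src_ip, dst_ip, proto, dst_port).

    The source port is left out of the key on purpose. Assumption: a client
    that keeps retrying picks a different source port per attempt, so keying
    on it would split one noisy flow into many single-count rows.
    """
    flows = Counter(
        (d["src_ip"], d["dst_ip"], d["proto"], int(d["dst_port"]))
        for d in parse_denies(text)
    )
    return flows.most_common(n)

# Constructed sample: the first record is the one quoted in the thread,
# wrapped across lines as posted; the remaining records are made up.
SAMPLE_LOG = """\
Feb 16 05:47:10 10.0.15.254 Feb 16 2006 05:47:10: %FWSM-3-106011: Deny
inbound (No xlate) tcp src inside:192.168.15.249/893 dst
inside:192.168.147.195/515
Feb 16 05:47:10 10.0.15.254 Feb 16 2006 05:47:10: %FWSM-3-106011: Deny inbound (No xlate) tcp src inside:192.168.15.249/894 dst inside:192.168.147.195/515
Feb 16 05:47:10 10.0.15.254 Feb 16 2006 05:47:10: %FWSM-3-106011: Deny inbound (No xlate) tcp src inside:192.168.15.249/895 dst inside:192.168.147.195/515
Feb 16 05:47:11 10.0.15.254 Feb 16 2006 05:47:11: %FWSM-3-106011: Deny inbound (No xlate) tcp src inside:192.168.15.30/1044 dst inside:192.168.147.20/80
"""

if __name__ == "__main__":
    for (src, dst, proto, port), count in top_flows(SAMPLE_LOG):
        print(f"{count:6d}  {src} -> {dst} {proto}/{port}")
```

The top row names the host generating the denies and the address it is still trying to reach, which is the pair to chase on the server side.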
 