Re: [ADSM-L] backup via NAT with TSM
2008-09-03 14:41:09
Hello,
when configuring the client through a firewall like you are doing,
you need to use the "webports xxx yyy" tsm client option to assign
specific ports to the dsmcad/agent processes.
If you use the webports option and specify the ports you want,
those same ports will be used even on restart of the client.
For example,
webports 1591 1592
httpport 1581
The port 1581 will be used for the web client communication.
The port 1591 will be used for dsmcad process.
The port 1592 will be used for the web client remote agent service.
The high random port you are seeing is the one that gets assigned
to the dsmcad process because you are using the default webports
option. The default value for webports is "webports 0 0" which causes
the TSM client to randomly assign a free port number, just like
you have observed.
Bye !
Rejean Larivee NOTICE:TSM 5.3 End of Support April
IBM Tivoli Storage Manager Level 2 2008
Software Support IBM Tivoli Storage Manager Support
Home
-How to gather documents for IBM
TSM support
-Instruction Manuals
-Recommended fixes for IBM TSM
products
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 08/18/2008
11:51:21 AM:
> Problem is that in PROMPTED mode every time dsmcad is run it opens
> some random high port, and you can never know what it is.
> # netstat -tlpn | grep dsmc
> tcp 0 0 0.0.0.0:32769 0.0.0.0:*
> LISTEN 4024/dsmcad
> tcp 0 0 0.0.0.0:1581 0.0.0.0:*
> LISTEN 4024/dsmcad
> # pkill dsmcad
> # dsmcad
> # netstat -tlpn | grep dsmc
> tcp 0 0 0.0.0.0:37376 0.0.0.0:*
> LISTEN 14716/dsmcad
> tcp 0 0 0.0.0.0:1581 0.0.0.0:*
> LISTEN 14716/dsmcad
>
> that means that firewall admin needs to open up a whole range of high
> TCP ports between particular client and the server which is not very
> good security wise and plain ugly.
> If client sits behind NAT, using POLLING mode is the only way to go IMHO.
>
> 2008/8/18 Howard Coles <Howard.Coles AT ardenthealth DOT com>:
> Your Firewall/NAT admin(s) should be able to tell you which ports
> they see communications attempted.
> >
>
>
> --
> Warm regards,
> Michael Green
|
<Prev in Thread] |
Current Thread |
[Next in Thread> |
- Re: [ADSM-L] backup via NAT with TSM,
Rejean Larivee <=
|
|
|