Source IP address

ivandem

ivandem

ADSM.ORG Member
Joined
Oct 6, 2003
Messages
86
Reaction score
1
Points
0
Location
Richmond Hill
Website
www.sentia.ca
Hi Folks,

I've got an SSL error coming through my TSM server...

ANR8583E An SSL socket-initialization error occurred on session 209186. The GSKit return code is 420. (SESSION: 209186)

This error occurs every 20 minutes; all day, every day. All clients are connecting with no issues. I think it's the firewall (Fortigate) just doing a check on the SSL port to ensure it's up (btw, all clients are external) but my firewall guys can't confirm this. Can turning on verbose logging in TSM tell me the source IP address even tough there is no node associated? And is so, what is the line to insert in dsm.opt. At least then I'd know if it's internal or external.

Thanks

John
 
Thanks for the reply, but it's not an SSL error, at least not directly.

Every client is successfully connected VIA SSL with 0 issues.

Under normal circumstances there would be an IP address listed, and for the client connections there is. However, I think because the connection is never really established, it's not noting the address in the actlog; Hence the need for more verbose logging.
 
The instructions for tracing are here:
http://www-01.ibm.com/support/knowl...ot.doc/t_pdg_enbltrcsrvrstgagent.html?lang=en

The list of trace classes you can use are here:
http://www-01.ibm.com/support/knowl...ot.doc/t_pdg_enbltrcsrvrstgagent.html?lang=en

Probably need TCP and SSLINFO. Don't use too many trace classes, the output will get large quick.

You may still need IP tracing outside of TSM, if like you say, the connection is not establish, so it's possible the OS never pass the IP to the application.
 
For "ANR8583E An SSL socket-initialization error occurred on session 209186. The GSKit return code is 420. (SESSION: 209186)" does the SESSION number change every time the error pops up?
 
Is the session number identified (or, can be identified) to a certain node?

If not, then it seems that somehow another device that is not SSL complaint with TSM is trying to access the TSM server.

I doubt if the firewall is doing this.
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,967
Messages
135,413
Members
21,944
Latest member
TheBez
Back
Top