Source IP address

ivandem

ADSM.ORG Member
Joined
Oct 6, 2003
Messages
86
Reaction score
1
Points
0
Location
Richmond Hill
Website
www.sentia.ca
PREDATAR Control23

Hi Folks,

I've got an SSL error coming through my TSM server...

ANR8583E An SSL socket-initialization error occurred on session 209186. The GSKit return code is 420. (SESSION: 209186)

This error occurs every 20 minutes; all day, every day. All clients are connecting with no issues. I think it's the firewall (Fortigate) just doing a check on the SSL port to ensure it's up (btw, all clients are external) but my firewall guys can't confirm this. Can turning on verbose logging in TSM tell me the source IP address even tough there is no node associated? And is so, what is the line to insert in dsm.opt. At least then I'd know if it's internal or external.

Thanks

John
 
PREDATAR Control23

Thanks for the reply, but it's not an SSL error, at least not directly.

Every client is successfully connected VIA SSL with 0 issues.

Under normal circumstances there would be an IP address listed, and for the client connections there is. However, I think because the connection is never really established, it's not noting the address in the actlog; Hence the need for more verbose logging.
 
PREDATAR Control23

The instructions for tracing are here:
http://www-01.ibm.com/support/knowl...ot.doc/t_pdg_enbltrcsrvrstgagent.html?lang=en

The list of trace classes you can use are here:
http://www-01.ibm.com/support/knowl...ot.doc/t_pdg_enbltrcsrvrstgagent.html?lang=en

Probably need TCP and SSLINFO. Don't use too many trace classes, the output will get large quick.

You may still need IP tracing outside of TSM, if like you say, the connection is not establish, so it's possible the OS never pass the IP to the application.
 
PREDATAR Control23

For "ANR8583E An SSL socket-initialization error occurred on session 209186. The GSKit return code is 420. (SESSION: 209186)" does the SESSION number change every time the error pops up?
 
PREDATAR Control23

Is the session number identified (or, can be identified) to a certain node?

If not, then it seems that somehow another device that is not SSL complaint with TSM is trying to access the TSM server.

I doubt if the firewall is doing this.
 
Top