Joel:
This does not sound like a TCPport problem, since you state ' I got them to
open ports 1500 -
1505 and put each client on its own port. The firewall part works, showing a
session going through w/o a problem. '
This sounds like a cluster install concern. Installing the client on a MSCS
is a little tricky as I am sure you know, the scheduler part is even more
so.
I have a procedure for installing the scheduler and it has worked fine so
far. I can provide it if you would like to verify it against how you
installed your setup..
John Stephens
STORSERVER,Inc
www.Storserver.com
www.Storsol.com
Email: [EMAIL PROTECTED]
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED]]On Behalf Of
Joel Cooper
Sent: Thursday, April 05, 2001 5:08 PM
To: [EMAIL PROTECTED]
Subject: MSCS and firewalls
I have a situation that I'm having a problem with. I wanted to see if anyone
knows the quick answer. This message is long, so thanks to anyone that reads
it
and even more to anyone that has an idea.
First, ADSM didn't used to be supported through a firewall even though it
would
work in many situations. I don't know in this day and age if that
non-support is
still official. If it is, I really feel it needs to be changed because in
this
age of the Internet, I am having web server TSM clients added like you
wouldn't
believe. If the problem is the client opening up additional ports and not
being
able to predict the random port it will use, why not have an option file
setting
to set valid ports for the client to try? Even if Tivoli won't "support
firewalls", at least give us some functionality where we can do our jobs.
I've
got a few million dollars worth of servers outside firewalls and they
haven't
quit ordering them. So far, we've been backing up about 2 or 3 dozen b/a
clients
and a few SQL agents for awhile through a firewall.
To accomplish this, we've been having our Security department implement
firewall
rules that allow bi-directional TCP/IP traffic on 1500 and 1501. No
problems.
My situation is this: I just setup 2 Windows 2000 based cluster server
(MSCS)
outside a firewall, one for SQL 7.0 and one for Exchange 2000. According to
TSM
v4 instructions, I need a client for the Windows nodes that could run the
cluster and I need a client for each cluster group, in my case a group for
the
quorum and a group for Exchange 2000. With Exchange 2000, I also need the
TDP
for Exchange v2.
I have these clients all installed and they all work manually. My problem is
with the scheduler service. The first service to run on 1500 works; the
subsequent services never answer the server. According to the error logs,
they
found the TCP/IP port busy and picked another at random. It appears they
picked
56582 and then 56583, etc.
I made each service work on 1500 by itself, but I need them to run together.
I
thought the answer was in TCPPort in dsm.opt. I got them to open ports
1500 -
1505 and put each client on its own port. The firewall part works, showing a
session going through w/o a problem. I am getting ANS1017 Session rejected:
TCP/IP connection failure, though. I am not sure why. I'm not getting
activity
log errors for this on my last test.
Does anyone have any ideas? Is this because my server has the option to be
contacted on TCPPort 1500? I don't want to use the Windows scheduler to
handle
this, but I have to cover these servers.
I don't see what a support call will accomplish yet, but if I get a little
more
information I'm willing to try to get some answers.
Thanks in advance,
Joel Cooper
[EMAIL PROTECTED]
