(PM) Portmaster talking to Host port Q

Lil' Feet (cbissell@frii.com)
Mon, 26 Jan 1998 14:07:04 -0700 (MST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kevin A. Smith: "Re: (PM) Single D / multiple PRI (fwd)"
Previous message: Dan Geiger: "(PM) Livingston Seminar in a town near you??"

> I have a cisco 4700 and several pm3's running 3.7.2 ComOS. In the error
> log for the access lists, several of these errors showed up:
>
> Jan 23 16:30:36 frii-gw-e0 672262: %SEC-6-IPACCESSLOGP: list 103 denied
> tcp 208.146.240.204(1011) -> 208.146.240.3(0), 254 packets
>
>
> 208.146.240.3 is our default host and 208.146.240.204 is the portmaster.
> 1011 is the port on the pormaster and 0 is the port on the default host.
> When I log into the portmaster and type a 'sh netc' I have several of
> these entries:
>
> 119 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
> 118 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
> 117 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
> 115 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
> 114 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
> 113 0 0 pm-ftc-04.frii..1011 io.frii.com.0 CONNECTING
>
> My question is why is 2 of my pormasters (out of 4) tyring to connect from
> port 1011 to port 0 on the default host several times and failing? What
> is port 0?

Nothing.. ;) Zero is not a valid port in IP. Were there any users trying
to login (and therefore connecting to the default host) when this
was going on? Were they successful?

---> We usually only have a couple of users logged into the default host,
---> however there are several net connections shown on the port master.
---> At this time their was no one trying to connect to the default host.

Try a "reset n#" where '#' is the number on the very far left. Does the
connection disappear or does it persist?

---> When I try "reset n57" I get this response:
---> Couldn't reset network connection 57.
---> Error: Usage: Unknown RESET parameter
---> Error: Usage: reset Port_Name|all|console

Do a "netstat -an" ON your default host, are there any corresponding
sockets open? If so, what state are they in?

---> There are no corresponding connections on the default host
---> Is port 1011 a telnet port? Are these possibly dead connections that
---> have not been closed properly?

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.

Next message: Kevin A. Smith: "Re: (PM) Single D / multiple PRI (fwd)"
Previous message: Dan Geiger: "(PM) Livingston Seminar in a town near you??"