[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference netcad::hub_mgnt

Title:	DEChub/HUBwatch/PROBEwatch CONFERENCE
Notice:	Firmware -2, Doc -3, Power -4, HW kits -5, firm load -6&7
Moderator:	NETCAD::COLELLADT

Created:	Wed Nov 13 1991
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	4455
Total number of notes:	16761

2865.0. "DR90TS and security to disable port on intrusion." by GIDDAY::STANISLAUS () Mon Oct 16 1995 07:28

Also posted in windows NT conference.
-------------------------------------

	An AXP 2100 (Sable) system running Windows NT 3.5.1 is connected to
one DR90TS port which has intrusion security enabled allowing only this
Windows NT server to transmit over that port.

	The 2100 uses the Ethernet Controller on the I/O board.

	This DR90TS is connected to DH90 Thinwire port which also has a 
DECbrouter 90T going out to a WAN.

	A file copy is initiated from a PC client to the above NT server. During
the copy the network connection from the client to the server will break. This
break can occur anytime during the copy - from 5 Mbytes data transfered to the
server or 70 Mbytes of data transfered. It is intermittent.

	The reason for the break is because the DR90TS saw an address on it's
security enabled port which is an address not of the NT server as set above, but
a different address. That address can be a 08-00-2B style or AA-00-04-00 or
00-00-C9 (I think Cisco) style address. Hence the DR90TS thinks there is 
intrusion on that port and disables that port. We are using Hubwatch.

	The interesting thing is that the above addresses are all legal 
station addresses and those addresses may be that of a station on the same LAN 
as the above DH90 or on a different LAN connected via the DECbrouter 90T on 
this DH90. It is never an address of any device that we don't know about.

	If we do not connect the DR90TS in the DH90 backplane and set it up
standalone then we do not have any problem inspite of enabling intrusion 
security to disable the port on the DR90TS.

	Is this a Windows NT problem or DR90TS problem ? Why should the NT
server send an address on that port other than it's own real address. Or is it
the DR90TS wrongly thinks that someone else other than the NT server is
transmitting on that port and hence disables the port. I am planning to 
trace the LAN and see if the NT server did really send an address other than 
it's own on that DR90TS port.

	Any suggestions on this problem.

Alphonse

T.R	Title	User	Personal Name	Date	Lines