LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices



Reply
 
Search this Thread
Old 09-02-2008, 06:13 PM   #1
bhoros
LQ Newbie
 
Registered: Jun 2008
Posts: 3

Rep: Reputation: 0
RHEL5.2 - Can't register naviagent with EMC SAN properly


I have 2 RHEL 5.2 Servers:
Power Path Insalled and Working
Switches Zoned and working
Naviagent install and running.

The Linux hosts and SAN are in same datacenter just different Subnets. I can not get the host to be managed by the CX3-40.

I updated the agentID.txt /etc/hosts so the HostIDfile.txt is gedtting the proper IP's

I updated the agent.config file with
user system@<sp IP's>

restarted agents even server.

I still can not get the host to be "managed" been on the phone with support and have not gotten very far.

Any tips pointers - something I missed. Sorry if this is not in the right section
 
Old 09-03-2008, 03:51 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

Rep: Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791
Did you open up firewall (iptables) to allow traffic? I ran into problem until I added to iptables.

You can just run "service iptables stop" and test. If it works you know it is iptables and can add rules. If it doesn't then you know iptables wasn't "THE" problem (though it may still be "A" problem).

If they're on different subnets is there a physical firewall device or firewall config on switch/router that needs to be modified?

Are you running SELinux enabled? If so have you looked at impact it may have?

The notes I wrote for myself on updating iptables rules:
Quote:
Clariion Iptables Config - This allows the IPs of CX3-20c to talk to the host
on port 6389 udp and tcp (Port 6389 name is clariion-evr01)

To add permission to iptables on my RHEL hosts:

Verify iptables is running with iptables -L and that its last entry is to block icmp. (If not running iptables -L will only show about 3 lines.)

Then run:
1) iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
### Deletes the icmp rule

2) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport
clariion-evr01 -j ACCEPT --src 10.0.x.1
### Opens clariion-evr01 TCP port for 10.0.x.1 (SPA on CX3-20c).

3) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport
clariion-evr01 -j ACCEPT --src 10.0.x.1
### Opens clariion-evr01 UDP port for 10.0.x.1 (SPA on CX3-20c).

4) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport
clariion-evr01 -j ACCEPT --src 10.0.x.2
### Opens clariion-evr01 TCP port for 10.0.x.2 (SPB on CX3-20c).

5) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport
clariion-evr01 -j ACCEPT --src 10.0.x.2
### Opens clariion-evr01 UDP port for 10.0.x.2 (SPB on CX3-20c).

3) iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
### Readds the icmp rule as last rule.

4) iptables-save >/etc/sysconfig/iptables
### Saves to file read on iptables start.
Step 4 is necessary so after a reboot or bounce of iptables it will re-
establish the rules

Steps assume 6389 for clariion-evr01 tcp and udp are in /etc/services already.
Entries in /etc/services were:
clariion-evr01 6389/tcp # clariion-evr01
clariion-evr01 6389/udp # clariion-evr01
Or you could just use 6389 instead of name in the rules you're adding.
Of course you'd substitute the actual IP addresses of your CX3-40's SPA and SPB for the 10.0.x.1 and 10.0.x.2 in the foregoing.

Last edited by MensaWater; 09-03-2008 at 03:52 PM.
 
1 members found this post helpful.
Old 09-03-2008, 09:55 PM   #3
bhoros
LQ Newbie
 
Registered: Jun 2008
Posts: 3

Original Poster
Rep: Reputation: 0
SELinux Disabled - will double check tomorrow

Here is iptables results

]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
the
 
Old 04-19-2012, 12:58 PM   #4
keith.evans
LQ Newbie
 
Registered: Jun 2009
Posts: 2

Rep: Reputation: 0
Thumbs up Thank you...

This post was very helpful and helped me resolved my outstanding issues.
 
Old 04-19-2012, 01:53 PM   #5
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,028
Blog Entries: 5

Rep: Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791
It's funny how posts I've completely forgotten about still get responses after all this time. Glad it helped you. Funny thing is it appears the OP never responded whether it helped. I often wonder if folks like that got kidnapped after posting.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I create a partition on our SAN, RHEL Qlogic and EMC krigby Linux - Enterprise 13 08-07-2011 08:07 AM
RHEL5 Boot From SAN mkono Linux - Enterprise 10 05-06-2010 04:02 PM
EXT3 Filesystems (EMC SAN) Keeps Going Read-Only!!! Othyisar Linux - Hardware 1 08-04-2008 01:28 PM
Can not see LUNs attached to FA's above 255 on EMC DMX using RHEL5.1 and emulex HBA'a dfezz1 Linux - Enterprise 1 04-17-2008 10:42 AM
RHEL5 with Emulex and EMC Zainer Araujo Linux - Newbie 0 12-11-2007 05:54 AM


All times are GMT -5. The time now is 11:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration