4059IP gives L3 open error while oxe connected behind firewall and DMZ switch

Post Reply
User avatar
gulu
Member
Posts: 18
Joined: 18 Jan 2010 02:07
Location: Qatar

4059IP gives L3 open error while oxe connected behind firewall and DMZ switch

Post by gulu »

Hi All,
I have been facing an issue to make 4059 IP in service when the oxe is connected behind a firewall and a DMZ switch . Error is" L3OPEN,I2 protocol init fail" . However it works fine as soon as oxe not behind firewall and DMZ switch. (attaching working and non working topology for better understanding)

Firewall team says that they have opened all the ports in bi-directional mode , in my wireshark trace taken from 4059 pc i can see TFTP request is not getting complete (wireshark screen shot is attached) hence it is not moving to UDP for further communication.

OXE r 9.0 , 4059ip R 5.5.3 , appreciate your inputs.
You do not have the required permissions to view the files attached to this post.

bjin
Member
Posts: 74
Joined: 14 May 2007 15:19
Location: Sweden
Contact:

Re: 4059IP gives L3 open error while oxe connected behind firewall and DMZ switch

Post by bjin »

Hi there,

Abcacom (which handles all OXE/Abc-a traffic ) first need to ask OXE on which udp port to listen for inbound abc-a messages.
In order to do this TFTP is used, where a "file" (not really a physical file...) is downloaded containing only the port number ( OXE Base Port + 8 )
OXE Base Port is configurable in OXE and is usually either 32000 or 32512, yielding 32008 or 32520 for abc-a.
Abcacom then start listening for inbound abc-a on this port.
This setup is obviously a nightmare from a firewall point of view, but hey, that's the way it works.
Make sure to add abcacom.exe to communicate thru the firewall using both TFTP and ABC-A.

/B
-: I also have a UDP joke, but you might not get it :-

Post Reply

Return to “Attendant”