[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]
John Stoffel john.stoffel@taec.toshiba.com
Thu, 7 May 2009 20:34:21 GMT
Zonker> Here's some more info...given that I can't talk about some Zonker> specifics. :-) Heh, security through obscurity. :] Zonker> For simplicity, let's call my conserver the "Lab", and the Zonker> other one is "Other"... Zonker> The Other conserver shares a subnet with a group of console Zonker> servers. There is no router there. (I found this out after my Zonker> last message...) So, the Other conserver host has two legs, Zonker> one for the Management Net, and the other to the console Zonker> servers. Zonker> * I was trying to get access to two console servers Zonker> directly, to access one port on each, while the Other Zonker> conserver would still have control of all the other ports. (I Zonker> knew that there was no VPN gear terminating on that console Zonker> server net. I was thinking I needed a proxy, so I could get Zonker> through their router...but there isn't one.) OK, I can't get Zonker> there from here. :-( Umm... why? If you've already got a conserver Other managing ports on that subnet, why the need for "Lab" to access "Other" ports? Zonker> ** Due to security policies, I can't get a non-person Zonker> account on the Other conserver, so my monitoring host cannot Zonker> try to access the Other conserver to do tests. :-( Zonker> BUT, my Lab conserver CAN access hosts on the subnet with Zonker> the two hosts that I care about, so I'm going to buy an 8-port Zonker> BREAK-safe console server, and get another IP on that subnet. Zonker> One of the hosts I care about is relatively critical to Zonker> day-to-day operations, so I need a BREAK-safe answer. And, I Zonker> also can't put another conserver on that host...when I need it Zonker> (to diagnose a problem on that host), it may be unavailable. Zonker> The second host will be a newer replacement for the first Zonker> host. While it's not mission-critical YET, it will be critical Zonker> before the other machine can be decommissioned (so, it's also Zonker> not a good candidate to an alternate conserver host). Both Zonker> servers are SUN hardware. So basically, it sounds like you're trying to setup a conserver for the production WAN network which is firewalled off. And manage it from your Lab network. Honestly, it doesn't make sense to make to do it this way, but I'm sure politics and management play into this. Zonker> I'm sorry that I've missed the LISA hallway track the past Zonker> couple years. But if anyone will be laying over in the SF Bay Zonker> Area sometime, let me know, and we'll try to catch up in Zonker> person again. Yeah, I agree. I'm bummed I've missed LISA in general the past few years. Maybe once this recession is over (and my kids are a little older) I'll be able to make these again. John