www.brultech.com

Have my GEM configured to deliver data to SEG, but am seeing this odd traffic on my network in addition to the traffic to SEG. Not sure why the GEM is trying to contact 10.10.10.100 on port 18899 in addition to the requested data post. Anyone else seeing this? Do I have something configured wrong?

21:24:46.085979 IP 192.168.1.228.15596 > 10.10.10.100.18899: Flags [S], seq 1810315657, win 17520, options [mss 1460,nop,wscale 0,nop,nop,TS val 20642 ecr 0], length 0

192.168.1.228 is the local address of my GEM.

wstefanc wrote:Have my GEM configured to deliver data to SEG, but am seeing this odd traffic on my network in addition to the traffic to SEG. Not sure why the GEM is trying to contact 10.10.10.100 on port 18899 in addition to the requested data post. Anyone else seeing this? Do I have something configured wrong?

21:24:46.085979 IP 192.168.1.228.15596 > 10.10.10.100.18899: Flags [S], seq 1810315657, win 17520, options [mss 1460,nop,wscale 0,nop,nop,TS val 20642 ecr 0], length 0

192.168.1.228 is the local address of my GEM.

What's your router type? I'd assume it's something to do with that.

Quick Google search brings up this from a Cisco manual:

The following ACL examples show a firewall configuration when the Proxy Server feature is enabled. As with the first example, the CTC workstation address is 192.168.10.10 and the ONS 15327 address is 10.10.10.100. The firewall is attached to the GNE, so the inbound path is CTC to the GNE and the outbound path is from the GNE to CTC. CTC CORBA Standard constant (683) and TCC CORBA Default TCC Fixed (57790).

Thanks for the reply Ben. I think I may have been a bit unclear.

For the record I am using a Ubiquiti EdgeRouter. However, I don't think that has anything to do with what we are seeing. This is traffic is observed from my router using tcpdump. The traffic is from the GEM at 192.168.1.228 with a destination address of 10.10.10.100. The GEM is initiating this traffic. There is no incoming traffic from 10.10.10.100 to the GEM since it is an unrouteable address. As such it is dropped at my router. I am hoping to learn why the GEM is doing this....

wstefanc wrote:Thanks for the reply Ben. I think I may have been a bit unclear.

For the record I am using a Ubiquiti EdgeRouter. However, I don't think that has anything to do with what we are seeing. This is traffic is observed from my router using tcpdump. The traffic is from the GEM at 192.168.1.228 with a destination address of 10.10.10.100. The GEM is initiating this traffic. There is no incoming traffic from 10.10.10.100 to the GEM since it is an unrouteable address. As such it is dropped at my router. I am hoping to learn why the GEM is doing this....

Can you try changing the settings under Network in the Gem Web Interface?

We've recently implemented a TCP2 connection in the past few months, it's possible that the "10.10.10.100" is the modules factory default for that connection.

I am also seeing the same behavior. i.e. I seem the GEM trying to send traffic to 10.10.100.100 on TCP port 18899. I don't use the 10.10 address space at all. My GEMS IP address is 10.0.0.124. My router is a Checkpoint Firewall. I am also uploading to SEG. If I disable uploading to SEG in the Application Settings page, it still is sending traffic to 10.10.100.100.

pmenkel wrote:I am also seeing the same behavior. i.e. I seem the GEM trying to send traffic to 10.10.100.100 on TCP port 18899. I don't use the 10.10 address space at all. My GEMS IP address is 10.0.0.124. My router is a Checkpoint Firewall. I am also uploading to SEG. If I disable uploading to SEG in the Application Settings page, it still is sending traffic to 10.10.100.100.

Same explanation as above, but I'll try to explain it better. In the newest firmware versions, we've enabled a "TCP2" connection. This connection is separate from the one in "Application Settings". It can only be modified using the "Network" page in GEM Setup Webpage. The 10.10.* address is the factory default.

The purpose is that using TCP2 should allow you to use a Server connection in Application Settings, and have a Client connection going at the same time.

That's great. I made changes so I don't have the problem anymore and now I also have the server and client both. YEAH!!!!!!!

Thank you,
Pmenkel