Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1001100210031004100510061007100810091010
D-48
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
You can view the access policies from the Firewall > Access Policies > Policies
window in the Web browser interface or by entering the show access-policy
command from the CLI.
You Do Not Receive a “Destination unreachable” Message. If you try
to ping a host but an access policy does not allow the ping, you will not receive
a destination unreachable message. Currently, the TMS zl Module works in
stealth mode. If an access policy denies a connection, the TMS zl Module
denies the connection request by dropping the packet without sending such
a message.
You Receive Multiple “IPROUTE: packet spoof detected” Log
Messages. This log message is generated by the internal TMS zl Module
packet spoof detection. When a packet with a source IP address cannot be
reached through any of the TMS routes, this log message will be generated. If
there are a lot of false positives, ensure that proper routes are configured on
the TMS zl Module and add a proper default route.
You Suspect a Problem with an ALG. If you think there is a problem with
an ALG, you may want to temporarily disable the ALG. To do so, complete the
following steps:
1. Access the switch’s CLI and enter the following command:
hostswitch# services <slot ID> 2
2. Move to the global configuration context:
hostswitch(tms-module-C)# configure terminal
3. Disable the ALG by entering:
hostswitch(tms-module-C:config)# no alg <alg>
You Cannot Add a User Group. When trying to add user groups, you
receive one of the following error messages:
Error: Failed to add user group
The group name could not be added.
Ensure that the number of user groups has not exceeded the maximum limit
of 16.