TRC gateway

system · July 25, 2013, 11:17am

(imported topic written by Federico.Vietti)

Dear all,

I’m trying to configure a TRC gateway to allow access to segregated network.

I’ve got a TRC server on a linux machine and a trc gateway on a Windows machine (the same machine of TEM server). I’ve configured a TRC gateway on TRC admin server under Admin > New Remote Control Gateway.

What I have now to do to say to the TRC Server to always use TRC gateway for all target?

thank you

regards

system · July 25, 2013, 2:10pm

(imported comment written by 978-0201616224)

Hi Federico,

What you did there causes the gateway to be used for all RC sessions. Are you asking whether you need to tell TRC what gateways should be used for different groups of targets? The answer is no.

The way TRC works is that it tries to locate the target on the local network as well as via any configured gateways at the same time.

HTH,

Chris

system · July 25, 2013, 5:12pm

(imported comment written by Federico.Vietti)

First of all, thank you Chris.

I’ve tried to do this, on my client I’ve created a outbound firewall rules that stop connection to target for port 888.

I’ve the tried to create a remote session:

Logon on TRC console
Select TRC target
Strart active session

But this does not work.

Where the information of try to use Gateway is stored? in the downloaded JNPL?

thank you again

system · July 25, 2013, 8:59pm

(imported comment written by 978-0201616224)

Hi Federico,

Yes – all the IP addresses of the gateways that you registered under the Admin menu will be listed in the JNLP file under the --gw_list argument.

If you save and edit the JNLP before you launch it, add the following line just before the first line, to enable debug tracing in the controller. The controller then creates a trctrace-*.log file for this session in your home directory (i.e. C:\Users\federico or C:\Documents and Settings\federico).

HTH,

Chris

system · July 26, 2013, 10:47am

(imported comment written by Federico.Vietti)

Hi Chris,

what line have I to add?

regards

system · July 26, 2013, 12:33pm

(imported comment written by 978-0201616224)

Hi Federico,

Apologies, I didn’t notice I missed out the line to enable the trace log:

<argument>--debug</argument>

HTH,

Chris

system · July 26, 2013, 5:33pm

(imported comment written by Federico.Vietti)

Ok, this is the generated log:

2013-07-26 13:28:41 GMT 33 INFO - Starting IBM Endpoint Manager for Remote Control Controller Trace log

2013-07-26 13:28:41 GMT 33 INFO - Remote Control Controller build: 9.0.0.0102

2013-07-26 13:28:41 GMT 33 INFO - Operating system: Windows 7 (x86)

2013-07-26 13:28:41 GMT 33 INFO - Java version: 1.7.0_25 (Oracle Corporation)

2013-07-26 13:28:41 GMT 33 INFO - Session model: com.ibm.uk.greenock.ayudame.app.TRCSessionModel

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --host=10.16.63.79;

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --port=888

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --auditurl=http://10.105.148.66:80/trc/uploadAudit

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --uploadurl=http://10.105.148.66:80/trc/uploadRCInfo.do

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --help=–debug

2013-07-26 13:28:41 GMT 33 INFO - Command line arg: --configurl=http://10.105.148.66:80/trc/getControllerConfig.do

2013-07-26 13:28:42 GMT 33 INFO - Loading extensions from [C:\Users\G.BUCALO\Downloads\extensions]

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --session=Attivo

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --token=5c9fb58782af3de288439b16772bfe125d4dabd5420a192f85955426b4967b97

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --hostname=fptitmquxlp71

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --username=Default Administrator

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --target_id=0a9ae17e944cd7598c16037caa23c0a5

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --gw_list=10.105.148.72:888

2013-07-26 13:28:42 GMT 33 INFO - Command line arg: --broker_list=null

2013-07-26 13:28:42 GMT 33 INFO - Downloading content from http://10.105.148.66:80/trc/getControllerConfig.do

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid tool configuration for tool with prefix [tool09]

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool05] from configuration: [0:Windows Explorer]: [[WindowsFolder]\explorer.exe] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool01] from configuration: [1:Control Panel]: [[SystemFolder]\control.exe] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool06] from configuration: [2:Terminal]: [/usr/bin/gnome-terminal] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool02] from configuration: [3:Command Prompt]: [[SystemFolder]\cmd.exe] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid tool configuration for tool with prefix [tool10]

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool07] from configuration: [4:Control Panel]: [/usr/bin/gnome-control-center] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool03] from configuration: [5:Administrator Command Prompt]: [[SystemFolder]\cmd.exe] with parameters [] as user [admin]

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid tool configuration for tool with prefix [tool08]

2013-07-26 13:28:42 GMT 33 INFO - Loaded tool with prefix [tool04] from configuration: [6:Task Manager]: [[SystemFolder]\taskmgr.exe] with parameters [] as user []

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid key sequence configuration for key sequence with prefix [key05]

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid key sequence configuration for key sequence with prefix [key03]

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid key sequence configuration for key sequence with prefix [key01]

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid key sequence configuration for key sequence with prefix [key02]

2013-07-26 13:28:42 GMT 33 INFO - Discarding invalid key sequence configuration for key sequence with prefix [key04]

2013-07-26 13:28:42 GMT 33 INFO - Loading properties from ayudame.properties

2013-07-26 13:28:42 GMT 33 CONFIG - feature.collaboration = yes

2013-07-26 13:28:42 GMT 33 CONFIG - feature.fips_compliance = yes

2013-07-26 13:28:42 GMT 33 CONFIG - target.linux.rpm = ibm-trc-target-@VERSION@.i386.rpm

2013-07-26 13:28:42 GMT 33 CONFIG - history.file = trc_history.properties

2013-07-26 13:28:42 GMT 33 CONFIG - target.config.file.name = ibmtrct.conf

2013-07-26 13:28:42 GMT 33 CONFIG - feature.recording = yes

2013-07-26 13:28:42 GMT 33 CONFIG - target.config.template = ibmtrct.conf

2013-07-26 13:28:42 GMT 33 CONFIG - target.windows.setup = trc_target_setup.exe

2013-07-26 13:28:42 GMT 33 CONFIG - feature.remote_install = yes

2013-07-26 13:28:42 GMT 33 CONFIG - configuration.file = trc_controller.properties

2013-07-26 13:28:44 GMT 33 INFO - Creating Direct connection Forth Session

2013-07-26 13:28:44 GMT 33 INFO - Generated Controller ID: 1a853331b60ebbeb808d22eac3d9b827

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [lo] because the API method invoke failed. java.lang.StringIndexOutOfBoundsException: String index out of range: -1

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net0] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net1] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net2] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [ppp0] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth0] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth1] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth2] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [ppp1] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net3] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Realtek PCIe GBE Family Controller] is [e8:40:f2:fc:1b:ce]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Atheros AR9485WB-EG Wireless Network Adapter] is [74:e5:43:49:6b:48]

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth4] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth5] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net5] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Dispositivo Bluetooth (Personal Area Network)] is [74:e5:43:49:a7:b6]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Microsoft Virtual WiFi Miniport Adapter] is [16:e5:43:49:6b:48]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Teredo Tunneling Pseudo-Interface] is [00:00:00:00:00:00:00:e0]

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth7] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net8] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [ppp2] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Juniper Network Connect Virtual Adapter] is [00:ff:30:63:eb:07]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Microsoft ISATAP Adapter] is [00:00:00:00:00:00:00:e0]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Microsoft ISATAP Adapter #4] is [00:00:00:00:00:00:00:e0]

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Microsoft ISATAP Adapter #2] is [00:00:00:00:00:00:00:e0]

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net12] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 FINE - Retrieved (API) MAC Address for interface [Microsoft ISATAP Adapter #5] is [00:00:00:00:00:00:00:e0]

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net14] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net15] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth9] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth10] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth11] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth12] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth13] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth14] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [eth15] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net16] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net17] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net18] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net19] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 WARNING - Returning MAC 00:00:00:00:00:00 for interface [net20] because the API method invoke failed. java.lang.NullPointerException

2013-07-26 13:28:44 GMT 33 FINE - Interface for outgoing connection is [Software Loopback Interface 1] with MAC [00:00:00:00:00:00]

2013-07-26 13:28:44 GMT 33 WARNING - Defaulting to MAC 00:00:00:00:00:00 because no interfaces match IP []

2013-07-26 13:28:44 GMT 33 INFO - Identifying controller with IP [] and MAC [00:00:00:00:00:00]

2013-07-26 13:28:44 GMT 33 FINEST - Created ParallelConnectionController [19827612] with initial status [1]

2013-07-26 13:28:44 GMT 33 FINEST - ParallelConnectionController [19827612] Connecting to [(10.16.63.79):888] and targetId [0a9ae17e944cd7598c16037caa23c0a5]

2013-07-26 13:28:44 GMT 33 FINEST - ParallelConnectionController [19827612] Created ParallelConnection to [(10.16.63.79):888] using no gateway

2013-07-26 13:28:44 GMT 33 FINEST - ParallelConnectionController [19827612] Created ParallelConnection to [(10.16.63.79):888] using gateway [10.105.148.72:888]

2013-07-26 13:28:44 GMT 42 INFO - Connection attempt to [10.16.63.79:888]

2013-07-26 13:28:44 GMT 42 INFO - Not using proxy. Direct connection

2013-07-26 13:28:44 GMT 42 SEVERE - Connection error

java.net.SocketException: Permission denied: connect

at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)

at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)

at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)

at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)

at java.net.AbstractPlainSocketImpl.connect(Unknown Source)

at java.net.PlainSocketImpl.connect(Unknown Source)

at java.net.SocksSocketImpl.connect(Unknown Source)

at java.net.Socket.connect(Unknown Source)

at com.ibm.uk.greenock.ayudame.protocol.forthv2.ForthConnection.connect(ForthConnection.java:137)

at com.ibm.uk.greenock.ayudame.protocol.forthv2.ParallelConnection.run(ParallelConnection.java:77)

at java.lang.Thread.run(Unknown Source)

2013-07-26 13:28:44 GMT 42 INFO - Failed direct connection to [10.16.63.79:888]

2013-07-26 13:28:44 GMT 42 FINE - ConnectionException details:

com.ibm.uk.greenock.ayudame.app.ConnectionException

at com.ibm.uk.greenock.ayudame.protocol.forthv2.ForthConnection.connect(ForthConnection.java:151)

at com.ibm.uk.greenock.ayudame.protocol.forthv2.ParallelConnection.run(ParallelConnection.java:77)

at java.lang.Thread.run(Unknown Source)

2013-07-26 13:28:44 GMT 42 FINEST - ParallelConnectionController [19827612] Increased aborted sessions counter to [1]

2013-07-26 13:28:45 GMT 33 FINEST - ParallelConnectionController [19827612] is now blocked until connected

2013-07-26 13:28:45 GMT 43 INFO - Connection attempt to [10.16.63.79:888] through gateway [10.105.148.72:888]

2013-07-26 13:28:45 GMT 43 INFO - Attempting connection to [10.16.63.79:888] using gateway [10.105.148.72:888]

2013-07-26 13:28:47 GMT 43 INFO - Encrypting session traffic with AES

2013-07-26 13:28:47 GMT 43 SEVERE - Received unknown packet type [102] from gateway

2013-07-26 13:28:47 GMT 43 FINEST - ParallelConnectionController [19827612] Increased aborted sessions counter to [2]

2013-07-26 13:28:47 GMT 43 FINEST - ParallelConnectionController [19827612] all connections are known to have failed. Blocked threads will be notified

2013-07-26 13:28:47 GMT 43 INFO - Sending End Session packet …

2013-07-26 13:28:47 GMT 33 FINEST - ParallelConnectionController.blockUntilConnected() returned after 1 seconds

2013-07-26 13:28:48 GMT 33 INFO - Stopping Remote Control Controller Trace log

any idea?

system · July 26, 2013, 6:15pm

(imported comment written by 978-0201616224)

Hi Federico,

Your controller is getting a connection to the target on that IP address. It is expecting a gateway to answer, not a target.

Can you check your gateway configuration - check PortToListen in your Inbound connection.

HTH,

Chris

system · July 26, 2013, 6:41pm

(imported comment written by 978-0201616224)

Hi Federico,

On your gateway system, you also have the target running. The target is listening for incoming connections on port 888, which is the default. I don’t know which port the gateway is listening on, because the gateway doesn’t have any default ports and I don’t have your configuration.

So, please check the configuration of your gateway. Make sure that you have configured a port that is not already in use by another service. For example, do not use port 888 because that is already in use by the target. Then correct the port in the registatration of the gateway on the server.

HTH,

Chris

system · July 30, 2013, 2:55pm

(imported comment written by Federico.Vietti)

Thank you Chris.

this solves the problem

regards, many thanks

system · July 26, 2013, 11:43am

(imported comment written by Federico.Vietti)

In the –gw_list i’ve got an entry with the correct GW