APC Powerchute Network Shutdown Communication (Full Version)

All Forums >> [ISA Server 2000 General] >> Server Publishing



Message


cybersmith -> APC Powerchute Network Shutdown Communication (5.Nov.2004 6:24:00 PM)

I am attempting to get APC's software working on my network. I am running a DMZ environment and I will need the network card in the SmartUPS, which is connected to my secure LAN, to communicate with the servers in my DMZ.

I have contacted APC and they have told me that port 3052 TCP needs to be open and ports 80, 160, and 161 UDP need to be open. I have tried with no success to get this to function. Can someone please provide me with a list of steps that should be taken to open these ports appropriately? Instead of me trying to explain everything I've tried, I think it would be easier if someone who worked with ISA every day were to post their recommendation.

Thanks in advance for any replies!




spouseele -> RE: APC Powerchute Network Shutdown Communication (6.Nov.2004 1:22:00 PM)

Hi Mr. Fix It,

you should definitely check out http://www.tacteam.net/openport.htm ! [Razz]

So, the first important step is to know if this is an inbound or outbound issue. For inbound you need to create server publishing rules. For outbound you need to configure the necessary protocol and site&content rules. Also, it might be necessary to create first the protocol definitions.

What have you tried so far? Please post *exact* info!

HTH,
Stefaan




cybersmith -> RE: APC Powerchute Network Shutdown Communication (8.Nov.2004 8:35:00 PM)

Alright, well I have created the protocol a few different ways in ISA. I first setup a protocol with the following specs:
3052 TCP outbound
3052 TCP Inbound
80 UDP Receive/Send
80 UDP Send/Receive
160-161 UDP Receive/Send
160-161 UDP Send/Receive

I have also tried setting this protocol up specifying 160 and 161 rules separately. Using these protocols, I setup a Server Publishing Rule to route traffic to the internal IP address of the Network Management Card. Neither of these was successful in allowing the program to communicate through ISA.

Next I tried setting up two protocols, one for outbound and one for inbound. So outbound had:
3052 TCP Outbound
80 UDP Send/Receive
160-161 UDP Send/Receive
And Inbound had:
3052 TCP Inbound
80 UDP Receive/Send
160-161 Receive/Send
And I setup a server publishing rule using the inbound protocol and a Protocol rule for the outbound protocol. Again, this method did not allow the program to communicate through the firewall.

I'm fairly familiar with ISA now, and I really was sure I could get this setup correctly... but I guess I must have missed something. APC simply isn't any help. They say that if I can open the ports, then it will work. Other than that they can't help me.

If there is nothing more I can try that anyone can recommend, how about some more information as to how I would test to see if these ports are actually open. I have tried used HyperTerminal from a machine outside of ISA to connect to the external IP of the ISA at port 3052. This SHOULD route the request to the Network Management card in the UPS. Hyperterminal reads "Connected" for exactly one second and then disconnects. I don't know if that means it's actually getting through for a second, or if ISA takes that long to reject the connection.




spouseele -> RE: APC Powerchute Network Shutdown Communication (11.Nov.2004 10:11:00 PM)

Hi Mr. Fix It,

if the vendor can't give you exact info then you should not use their products or be willing to find it out yourself! [Big Grin]

I suggest you record a session with your favorite Sniffer (check out http://www.ethereal.com for a free one) on a workstation placed outside of ISA. Then sit back and thoroughly analyze the recording. You should be able to find out which TCP/UDP ports are used and in which direction.

With that knowledge you can then configure the correct protocol definitions, protocol and site&content rules and/or publishing rules. To test them out, check out http://www.isatools.org . You'll find there an excellent Winsock Tool.

HTH,
Stefaan




md3v -> RE: APC Powerchute Network Shutdown Communication (13.Nov.2004 12:53:00 PM)

I am having the same problem here and have issued a 'ticket' to APC for a resolution.

I will post their response/es.

m.




spouseele -> RE: APC Powerchute Network Shutdown Communication (13.Nov.2004 5:43:00 PM)

Hi m,

great! They should be able to give you the *exact* protocols used (TCP/UDP, port number, direction, primary and secondary connections,...). [Wink]

HTH,
Stefaan




md3v -> RE: APC Powerchute Network Shutdown Communication (16.Nov.2004 4:28:00 AM)

The 'official' response:

==
Dear Valued customer,

Thank you for using APC TechSuppot.

PowerChute Network Shutdown utilizes the following TCP/IP ports: 3052, 80, 161 and 162. However, currently APC PowerChute Network shutdown (PCNS) does not supports MS ISA 2004. Using PCNS with this operating system will result incompatibility issue with the OS.

If you have any further, queries, please feel free to contact us.

Thanks and best regards,

Rayson
APC ASE TechSupportEngr.
==




cybersmith -> RE: APC Powerchute Network Shutdown Communication (24.Nov.2004 5:57:00 PM)

Sounds like they were about as much help to you as they were for me. First off, in their response they refer to ISA 2004 as an operating system. hmm... second they didn't specify AT ALL how to open those ports.

*sigh*... well, my solution is to purchase a 2nd Network Card for my SmartUPS and setup one NIC on my Internal Network and the 2nd NIC on my DMZ. Wish me luck.




tshinder -> RE: APC Powerchute Network Shutdown Communication (29.Nov.2004 2:14:00 PM)

Hey guys,

Any time *ANYONE* says "open a port", you know you're dealing with a dolt.

There's a reason why NO FIREWALL has an "open port" button. Its because the phrase "open a port" has NO MEANING at all.

HTH,
Tom




BartKile -> RE: APC Powerchute Network Shutdown Communication (1.Dec.2004 9:25:00 PM)

I have also installed the APC Network Management Card on our W2K/ISA2000 Server Farm. I was able to assign an IP address and access the Network Card and the management software but have been unable to access the PowerChute Network Shutdown Software. To access this configuration gui you are asked to enter http://127.0.0.1:3052 on the local machine. The error message is 10061 Connection Refused. My guess is that the request is not being sent to the local machine, but I am not sure how to keep the request at the local machine. Any ideas?




bbevan -> RE: APC Powerchute Network Shutdown Communication (11.Jul.2005 7:23:00 AM)

Anyone ever get this working?




Guest -> RE: APC Powerchute Network Shutdown Communication (10.Aug.2005 2:13:00 PM)

add UPD 3052 Send/Receive




felafel -> RE: APC Powerchute Network Shutdown Communication (10.Aug.2005 3:20:00 PM)

A bit off topic but I think better and more flexible than APC software solutions.

http://www.apcupsd.org/

Regards




Guest -> RE: APC Powerchute Network Shutdown Communication (18.Aug.2005 11:32:00 AM)

And why is the APC daemon at http://www.apcupsd.org superior to Windows' built-in UPS support? I gave up on Powerchute because it wouldn't add a configuration, and decided that the built-in UPS support was sufficient. It can hibernate the system when 10% or less battery power is available, shut down if 3% is reached. Good enough for me.




Guest -> RE: APC Powerchute Network Shutdown Communication (18.Aug.2005 12:14:00 PM)

I had the same problem

Its seems to work with 3052 UDP Send Receive
I can now communicate with the UPS

I will simulate apower failure late afternoon to verify I receive theese messages to from the UPS




Guest -> RE: APC Powerchute Network Shutdown Communication (26.Sep.2005 6:11:00 AM)

on Windows systems you shld have "Uninterruptible Power Supply" service enabled to make APC PowerChute accessable for configuration over web interface




sdsmtss -> RE: APC Powerchute Network Shutdown Communication (20.Oct.2005 4:25:00 AM)

Anyone get Network shutdown working on ISA. I sent a support request to APC and they told me the same crap about Microsoft ISA 2004 being an Operating System they don't support. When I use Network Monitor or ISA Monitoring feature all I see blocked is the broadcast packets sent to UDP 3052 from the APC device. I don't see any communications from UDP ports 160-161 logged in ISA monitor. This issue has been around for a long time. Has nobody found a solution or are we just pointing fingers at APC?

spouseele-Can you think of any better battery backup products with network shutdown capabilities that work with ISA? The product seems pretty good to me besides this downfall.
Maybe I just need to connect ISA to the APC Symmetra unit via serial cable.

Any ideas would be appreciated.
Slacker




seeseegee -> RE: APC Powerchute Network Shutdown Communication (19.Jan.2006 7:44:45 PM)

maybe this is too little too late, but have you tried entering http://localhost:3052 in the browser, opposed to http://127.0.0.1:3052 ? 




LLigetfa -> RE: APC Powerchute Network Shutdown Communication (19.Jan.2006 10:00:11 PM)

Good advice but some applications like WhatsUp Pro will hardcode 127.0.0.1 so it is best to add that IP to the exceptions (direct).  With WPAD, this can be done on the ISA server.




Page: [1]