Re: Port 515 half open session

jdmcdonald · ‎08-30-2005

I have a print server that sits on the 192.168.1.0 network. Anything on this network is able to print to this print server. Anything on my other networks that use IP Inspect are able to print to this print server, when using IOS version 12.3-11T7. When using IOS 12.4-2T1 All other networks are unable to print unless I remove the IP Inspect command from the router port that connects them.

Any help would be appreciated.

nkhawaja · ‎09-01-2005

now either of the two things happaned here:

1- something got broken in the new code

2- additional checks implemented in the new code

Have you tried using a different version of 12.4 code?

on what protocol your print server works on at?

thanks

Nadeem

jdmcdonald · ‎09-01-2005

Upon further investigation, I've found if I remove the command from inspect that is:

no ip inspect name McDonald tcp

The printserver responds. Of course anything going out through on the outside nat interface doesn't work without the tcp inspect command. The print server uses LPD. Every version of the 12.4 code I've tried does this, so either I've missed a new command or they've broken something in the code.

nick.assar · ‎10-27-2005

I have had the same problem but with a 2610 router using the ip audit command.

Any IOS image after 12.3(6) completely breaks the ip audit / inspect commands. It appears to just drop all the traffic until I disable these commands.