Intel PRO/100 Computer Hardware User Manual


 
Troubleshooting and FAQs
I changed the IP address or DNS name of a computer, now it can’t communicate on the network
If you have custom rules, there may be other computers in the network that have
an old IP address or DNS name of a computer in their rules. These rules must be
modified to reflect the IP address/DNS name change.
I think some transmitted information is unprotected and it shouldn’t be
Check the security action settings of both computers to make sure they
match. Also try to determine which rule is being applied to the
communication. If the rule is set to allow the communication if the rule fails,
the computers will transmit data “in the clear” (without security).
Check the default behavior. If both computers use Secure Responder or No
Security, they will always communicate in the clear. If none of the rules
applies to the communication, the communication is unprotected if the
default behavior is Secure Initiator or Secure Responder.
When a computer begins communication with another computer, the first
few seconds are allowed in the clear if the rule being used has a fallback
clear setting or if there are no matching rules and the behavior is Secure
Initiator or Secure Responder.
The following ports always allow traffic to pass in the clear:
UDP port 53 (for DNS traffic)
UDP port 68 to UDP port 67 (for DHCP)
UDP port 137 to UDP port 137 (NetBIOS name service)
UDP port 138 to UDP port 138 (NetBIOS datagram service)
TCP any port to TCP port 389 (LDAP directory access)
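
An added example (not from the manual): a Python triage script that separates cleartext flows explained by the always-clear port list above from cleartext flows that need a rule or default-behavior check. The flow-record format, the sample records, the reading of "UDP port 53" as destination port 53, and the treatment of reply packets as exempt are assumptions.

```python
import csv
import io

ANY = None  # wildcard: any source port
# (protocol, source port, destination port, name) as listed in the manual.
# Assumption: "UDP port 53" means destination port 53 from any source port.
EXEMPTIONS = [
    ("udp", ANY, 53, "DNS"),
    ("udp", 68, 67, "DHCP"),
    ("udp", 137, 137, "NetBIOS name service"),
    ("udp", 138, 138, "NetBIOS datagram service"),
    ("tcp", ANY, 389, "LDAP directory access"),
]

def exemption_for(proto, sport, dport, match_replies=True):
    """Return the name of the exemption covering this packet, or None."""
    for e_proto, e_sport, e_dport, name in EXEMPTIONS:
        forward = e_sport in (ANY, sport) and e_dport == dport
        # Assumption: reply packets (ports swapped) are exempt as well.
        reverse = match_replies and e_sport in (ANY, dport) and e_dport == sport
        if proto.lower() == e_proto and (forward or reverse):
            return name
    return None

def triage(flow_csv):
    """Split cleartext flows into (exempt, needs_review) lists."""
    exempt, review = [], []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["protected"] == "yes":
            continue  # secured traffic is not part of this check
        sport, dport = int(row["sport"]), int(row["dport"])
        name = exemption_for(row["proto"], sport, dport)
        record = (row["src"], row["dst"], row["proto"], sport, dport, name)
        (exempt if name else review).append(record)
    return exempt, review

# Constructed sample flow records (hypothetical format, not from the manual).
SAMPLE = """src,dst,proto,sport,dport,protected
10.0.0.5,10.0.0.2,udp,51000,53,no
10.0.0.2,10.0.0.5,udp,53,51000,no
0.0.0.0,255.255.255.255,udp,68,67,no
10.0.0.5,10.0.0.9,tcp,49200,389,no
10.0.0.5,10.0.0.9,tcp,49201,445,no
10.0.0.5,10.0.0.9,tcp,49202,445,yes
10.0.0.5,10.0.0.7,udp,137,138,no
10.0.0.5,10.0.0.2,tcp,50000,53,no
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Flows in the second list are the ones to trace back to a specific rule, its fallback setting, or the default behavior of the two computers.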