Fibre Channel (SAN)

Reply
Contributor
Posts: 30
Registered: ‎06-25-2013
Accepted Solution

Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

IBM model :IBM Flex System FC5022 16Gb SAN Scalable Switches

or

Brocade model : Brocade 6547 Switch Module

  When I try to reach my switch with firefox with the adress http://x.x.x.x

 

I got this message :

 

Interface disabled This Interface (ADRESS IP OF MY PC) has been blocked by the administrator.

 

How can I disable the HTTPS? because with my BNA I cannot add it all my switches is http...

 

thank you

 

 

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

Hi,

 

It looks to me as if the HTTP port 80 had been blocked within the active ipfilter policy. Please, take a look at the Active IP filter policy with command

 

ipfilter --show

 

And if access to port 80 is denied, change the policy. Try this first, and if does not work will try to figure out what else we could do.

 

rgds,

Felipon

 

 

Contributor
Posts: 30
Registered: ‎06-25-2013

Re: Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

[ Edited ]

Yes is deny

Name: default_ipv4, Type: ipv4, State: active
Rule    Source IP                               Protocol   Dest Port   Action
1     any                                            tcp       22     permit
2     any                                            tcp       23       deny
3     any                                            tcp      897     permit
4     any                                            tcp      898     permit
5     any                                            tcp      111     permit
6     any                                            tcp       80       deny
7     any                                            tcp      443     permit
8     any                                            udp      161     permit
9     any                                            udp      111     permit
10    any                                            udp      123     permit
11    any                                            tcp      600 - 1023     permit
12    any                                            udp      600 - 1023     permit

Name: default_ipv6, Type: ipv6, State: active
Rule    Source IP                               Protocol   Dest Port   Action
1     any                                            tcp       22     permit
2     any                                            tcp       23       deny
3     any                                            tcp      897     permit
4     any                                            tcp      898     permit
5     any                                            tcp      111     permit
6     any                                            tcp       80       deny
7     any                                            tcp      443     permit
8     any                                            udp      161     permit
9     any                                            udp      111     permit
10    any                                            udp      123     permit
11    any                                            tcp      600 - 1023     permit
12    any                                            udp      600 - 1023     permit


Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

Hi,

 

then, you have to permit it. Please, try the following:

 

1.- Delete the rule that denies access to HTTP:

 

ipfilter --delrule default_ipv4 -rule 6

 

2.- Add a new rule that permits the HTTP access:

 

ipfilter --addrule default_ipv4 -rule 6 -sip any -dp 80 -proto tcp -act permit

 

 

Let us know how it goes.

Rgds,

Felipon

Contributor
Posts: 30
Registered: ‎06-25-2013

Re: Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

SWITCH:root> ipfilter --delrule default_ipv4 -rule 6
Not allowed to change default policies
SWITCH:root> ipfilter --addrule default_ipv4 -rule 6 -sip any -dp 80 -proto tcp -act permit
Not allowed to change default policies

 

...

Contributor
Posts: 30
Registered: ‎06-25-2013

Re: Switch FC5022 : Interface disabled HTTP, I need to acces it with HTTP

Hi Felipon,

thank you for your Help! I got help from a guru of Brocade and He found this solution :

ipfilter --clone ipv4 -from default_ipv4
ipfilter --delrule ipv4 -rule 6
ipfilter --addrule ipv4 -rule 6 -sip any -dp 80 -proto tcp -act permit
ipfilter --save ipv4
ipfilter --show
ipfilter --activate ipv4

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook