Problem with an Hitahci AMS SAN on a Cisco Network Using Port 2000

I have recently had some issues connecting to one of our remote Hitahci AMS Storage Array’s using Storage Navigator Modular which by default uses port 2000.

I was getting messages such as the below;

Failed to connect with the subsystem. Confirm the subsystem status and the LAN environment, and try again.

The physical connection was as below;

My PC => Cisco Core => Cisco ASA Firewall => Cisco 2801 Router => LEASED LINE => Cisco ASA Firewall => Cisco Core => HDS AMS

After lots of digging around I found using port 2000 on a Cisco network is not a good idea. Cisco uses port 2000 (Skinny or SCCP) for it’s VOIP products and Cisco routers and Firewalls tend to treat port 2000 as a special port and do some funny thing with the data.

So if you are having a similar issue you have two solutions

Set your device to use a different port to 2000, which is a good idea if you are using Cisco VOIP or stop your Cisco Router(s) and Firewall(s) from treating port 2000 as special.

On any Cisco routers between you and  your device enter the below command in configure terminal mode;

no ip nat service skinny tcp port 2000

On any Cisco ASA between you and you device disable skinny inspection. Again in configure terminal mode;

policy-map global_policy

class inspection_default

no inspect skinny

 

5 thoughts on “Problem with an Hitahci AMS SAN on a Cisco Network Using Port 2000”

  1.  

    Brother thanks for the tip. But I am not able to get hold of the configuration file on Storage Navigator end to change the port, can you point out the exact file name and location. Port on storage controller is already changed.

    Thanks in advance.

    Reply
  2. Hi,
    I am not sure what you mean? You should just need to change the port on the controllers within Storage Navigator
    Depending on your version of storage navigator you will need to switch to management mode => configuration settings => LAN port numbers

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.