7 Replies Latest reply on May 23, 2014 9:27 AM by Scott Olswold

    Firewalls and Blueprint 5.1

    Mark Hamer Scout

      Hi, we have what appears to be a working system in one of our sites, the edas url works, ldap works  for regsterme etc.


      but when I try set up a printer at a different site   the test within the printer fails on both ldap and edas.   I know details are correct,


      what needs to be open on firewalls? that may be blocking this?


      we had pre-opened the same ports from V3.1  are there any new ones?


      (im aware of 80 801 etc but are there any printer specific ones?



      thanks in advance.


      an error in Printer log (Lexmark t656)

      ERROR 80 registerme -T|Registerme|BADURL|s|https://Collector url


      the sam eurl cut an dpaste don to the local site works fine.


        • Re: Firewalls and Blueprint 5.1
          Scott Olswold Guide



          LDAP is going to either use TCP port 389 (LDAP) or 636 (LDAPS) by default; these can be set to different values on the LDAP server, but most usually don't get changed. In Blueprint, the terminal needs only communicate to the server via HTTPS, aka TCP port 443. You also need to ensure that TCP 515 (LPD) is open on the printer side of the wire, or the job won't be released by the Collector. If you're using the SNMP state check function with Service Pack 1.2, you will also need to open UDP 161 and 162. A lot of places don't like to open those.



            • Re: Firewalls and Blueprint 5.1
              Mark Hamer Scout

              Hi, Scott


              we do use 389, and the firewall team inform me that its open for the printer we are testing.


              we cant have snmp so we disabled the state check as per your earlier mail (thank you)


              I guess because its ldap as well as edas  its going to be connectivity rather than pharos.

              as we use so many lock downs it makes trouble shooting difficult



                • Re: Firewalls and Blueprint 5.1
                  Scott Olswold Guide



                  A troubleshooting toolkit that may be helpful here is one that contains a hub (not a switch; make sure that its a hub), another computer, and Wireshark on that computer. Plug the computer and the device into the hub, fire up Wireshark and put it in Promiscuous capture mode. This way, you'll see everything. When the failure occurs on the device, stop the capture and in the Filter, type ip.addr==IPADDRESSOFDEVICE and apply that. Each packet will list a SRC and DEST port.



              • Re: Firewalls and Blueprint 5.1
                Jeff Geller Guide

                Hi Mark,


                Another thing you can do is check the Lexmark Service Engineer logs regarding LDAP, and or eDas if there is an issue with eDas giving you one of the "Application [error message here]" type of messages when trying to use Print Release or RegisterME application on the device.


                For the LDAP log.

                1. Navigate to http://IP_Address/se

                2. Click the link for LDAP Log


                For eDas logging.

                1. Navigate to http://IP_Address/se

                2. Click the link for Embedded Solutions.

                3. Click Set Logging Level and select Yes for debugging entries then the submit button.

                4. Click the back button in your browser.

                5. Repeat the problem.

                6. Obtain the Log file from the Lexmark device.



                Pharos Support

                Jeff Geller