No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Far end sacg cannot connect with the sm in the tsm networking.

Publication Date:  2019-07-11 Views:  104 Downloads:  0

Issue Description

The sm sever is located in B point, and belongs to untrust zone the same with A point. The sacg is serial connected in the network derectly. Now the B point service is ok but the sc at A point can’t connect with it.

Alarm Information


Handling Process

Testing with ping, display that can’t connect.
Using the telnet 17889 port but display that can’t open the port.
Checking that the middle line don’t have FW to block off.
Finally, checking the usg2220 configuration find the configuration of inter-domin rule is that:

firewall packet-filiter defalt deny interzone trust untust direction inbound
firewall packet-filiter defalt deny interzone trust untust direction outbound

The Linkage policy applied to the outbound of trust to untrust. The inter-domain rule being blocked obviously. It works normally after delete the rule of inbound.

Root Cause

The sc at B point can’t communicate with the SM at A point normally.


We need pay attention when use the products of hsr series. It is ok that inter-domain not opened when configure the other device. But this series product need do the deny rule, so suggest that configure unidirectional deny rule