As we have been adjusting our firewall logging for better compliance, we are seeing a huge number of TCP Connection Reject messages.
We traced this down to the fact that when the RMA Manager client is not running on our HM server, there is nothing listening for a connection on 5057/tcp. This makes sense, but the Active Agents are very persistent and are causing a huge number of log entries.
We don’t really have the option to leave the HM Server logged on just to keep the RMA Manager running. So I'm curious if you would consider modifying the Active Agent in one of the following manners (or something similar).
1) Have the Active Agent check for the RMA Manager less frequently? Once every X minutes, and give us the option to define that interval.
2) Or, more ideally, have the Active Agent accept a command from HM that would turn on/off Remote Management. Then we could turn ON Remote Management via an HM test via the already established 5056/tcp connection. This way 5057/tcp would remain quiet until needed. Perhaps, similar to the PING rma itself, another PING rma remotemanage_on and PING rma remotemanage_off could be triggers to allow this kind of management toggle.
3) Or, most ideally, proxy the RMA Manager through HM’s existing connection to the RMA Agents. Yes, I know this would likely be the hardest rewrite, but perhaps the cleanest in the long run.
Or do you have another creative solution? And no, I cannot filter out these annoyance logs from our firewall. :-)
Do you think this modification is possible?