Question : Problem: WTF's up with my iSCSI network config ???

Experts:

I just purchased an EMC AX4-5i dual-SP SAN appliance; two racks, one for SAS drives and the other with SATA drives. I'm just setting up the appliance and I'm stuck, hoping you all can help me figure something out.

If you look at the attached file you'll notice my vanilla setup: 1 server with 3 NICs connected to a pair of GigE switches configured in a meshed network connecting a pair of SP units, each with two iSCSI ports of their own.

The problem I'm having is that on the server i can only ping one of two switches and only two of four iSCSI ports

C:\Program Files\Support Tools>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : galapagos
Primary Dns Suffix . . . . . . . : xxx.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.local

Ethernet adapter 192.168.253.98:

Connection-specific DNS Suffix . : xxx.local
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter
Physical Address. . . . . . . . . : 00-04-23-AB-6A-0B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.253.98
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

Ethernet adapter 192.168.253.99:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter #2
Physical Address. . . . . . . . . : 00-04-23-AB-6A-0C
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.253.99
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

Ethernet adapter 192.168.10.25:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC3163 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-50-8B-EB-15-1C
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.25
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 192.168.10.13
192.168.10.25
Primary WINS Server . . . . . . . : 192.168.10.13
Secondary WINS Server . . . . . . : 192.168.10.25

C:\Program Files\Support Tools>ping 192.168.253.199

Pinging 192.168.253.199 with 32 bytes of data:

Reply from 192.168.253.199: bytes=32 time=3ms TTL=64
Reply from 192.168.253.199: bytes=32 time=2ms TTL=64
Reply from 192.168.253.199: bytes=32 time=1ms TTL=64
Reply from 192.168.253.199: bytes=32 time=2ms TTL=64

Ping statistics for 192.168.253.199:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms

C:\Program Files\Support Tools>ping 192.168.253.198

Pinging 192.168.253.198 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.253.198:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Program Files\Support Tools>ping 192.168.253.200

Pinging 192.168.253.200 with 32 bytes of data:

Reply from 192.168.253.200: bytes=32 time<1ms TTL=64
Reply from 192.168.253.200: bytes=32 time<1ms TTL=64
Reply from 192.168.253.200: bytes=32 time<1ms TTL=64
Reply from 192.168.253.200: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.253.200:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Program Files\Support Tools>ping 192.168.253.201

Pinging 192.168.253.201 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.253.201:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Program Files\Support Tools>ping 192.168.253.202

Pinging 192.168.253.202 with 32 bytes of data:

Reply from 192.168.253.202: bytes=32 time=1ms TTL=64
Reply from 192.168.253.202: bytes=32 time<1ms TTL=64
Reply from 192.168.253.202: bytes=32 time<1ms TTL=64
Reply from 192.168.253.202: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.253.202:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Program Files\Support Tools>ping 192.168.253.203

Pinging 192.168.253.203 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.253.203:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Program Files\Support Tools>

So before I go any further and start configuring iSCSI initiators or LUNs, etc...I wanted to clear up this networking mystery

Thanks,
juckyt

Answer : Problem: WTF's up with my iSCSI network config ???

To enable group policies for users logging on to your TS, but are in another OU, you'll need the "Loopback" feature.
1. Create a new GPO in your Terminal Server OU, named, for example "Loopback"; check "deactivate userdefined configuration" (I'm not sure about the English name of that entry) in properties. Edit the GPO and enable: Computer Configuration - Administrative Templates - group policies - Activate Loopback mode for group policies (or similar; as I said, I don't use an English version, so check out the explanation tab if unsure). Set the mode to replace.
2. Now you can create additional GPO(s) for your users in this OU. If possible, check "deactivate computer configuration" in those. Important: Do not use the "Loopback" GPO to configure other settings! These GPOs will now only apply if the users logon to a terminal server session.
Note that you do (or "may") not need to put the users in (or below) the TS OU. New GPOs in that OU will be applied to all users logging on using Terminal Services, even though those users are not in/below the TS OU.
To include only your "other OU" user (and, more important, exclude Administrators!), use the security group filtering. I'd recommend to do the following: For every GPO, create a global security group named, for example, GPol<GPO name> (Global Policy group for GPO <name>). Make your "other OU" users member of this group. In the security settings for the GPO, remove the "Apply Policy" and the "Read Policy" permissions for the default "Authenticated Users", add them for the proper security group instead.
You can (and should) of course test this with a stand-alone workstation in a test OU, before you apply it to your production environment.

Loopback Processing of Group Policy
http://support.microsoft.com/?kbid=231287

How to Apply Group Policy Objects to Terminal Services Servers
http://support.microsoft.com/?kbid=260370

Step-by-Step Guide to Understanding the Group Policy Feature Set
http://www.microsoft.com/windows2000/techinfo/planning/management/groupsteps.asp

Random Solutions

Problem: how to connect linksys wireless router to exsisting wireless network??

Problem: Windows 2003 installation problem

Problem: VBA/PCL: Programatically select output stacker tray using PCL6 driver

Problem: send a fax via pda

Problem: 486DX33MHz AMI BIOS 1993 Error Beeps

Problem: How do i reassing TS user CAL

Problem: Booting from External SATA

Problem: After upgrade to Backup Exec 10d , now experiencing backup slowness

Problem: driver for a NEC MultiSync LCD1550V 15

Problem: Cisco 3550 SMI PWR Switch