| Author |
Message
|
| sentah |
 Posted: Thu Jan 30, 2003 7:30 am Post subject: Firewall Access |
 |
|
Newbie
Joined: 13 May 2002
Posts: 6
|
Hi guys,
let me explain my setup.
1)MQClient on a WIN2k server system
2)MQServer on a WIN2K server system
I need to put messages on the server and also read messages from them.The catch here is that there is a firewall (internal corporate) between the client and the server.
How do i make my client talk to the server thru fixed ports? con they be fixed , if fixed how many ?
Also the firewall has no http support (i.e) it does not cater to internet needs.
Am really struck since i found that the client machine is choosing a random port (OS decided) and communicates with the 1414/other ports on the server in our development environment.
I am using MQJava for programming this application.
Please let me know ur suggestions as I see that this issue is not raised in the previous forum messages. |
|
| Back to top |
|
 |
| bower5932 |
| Posted: Thu Jan 30, 2003 12:08 pm Post subject: |
|
|
Jedi Knight
Joined: 27 Aug 2001
Posts: 3023
Location: Dallas, TX, USA
|
I'd suggest looking at a couple of SupportPacs: MA86 and MS81. They can be found at:
http://www-3.ibm.com/software/ts/mqseries/txppacs/txpm2.html#cat1
The MA86 is a presentation on MQ and firewalls. It gives some details on configuring ports. MS81 is the internet pass-thru and it can come in handy when dealing with firewalls since it will route MQ traffic through different ports. |
|
| Back to top |
|
|
| sentah |
| Posted: Sun Feb 02, 2003 9:30 pm Post subject: |
|
|
Newbie
Joined: 13 May 2002
Posts: 6
|
Aaah,
I found that they are talkin about configuring the firewall or installing a MQSeries pass thru. What I would like to know is that is there any means by which i can fix the port for data communication.
i.e
1) Client (X) looks up server(1414)
2) Client (Y) exchanges data with server (Z)
If I am right according to distributed computing the client and the server establish connection and port 1414 and then decides to communicate on a randomly chosen port decided by OS.
We have faced the same situation in java RMI, however we were able to fix the port in that case.Am not sure how to fix the port programmattically in this MQSeries for JAVA api.
Can anyone help me out ? Please advice.
Thanks in Advance. |
|
| Back to top |
|
|
| sentah |
| Posted: Sun Feb 02, 2003 9:32 pm Post subject: |
|
|
Newbie
Joined: 13 May 2002
Posts: 6
|
| Quote: |
1) Client (X) looks up server(1414)
2) Client (Y) exchanges data with server (Z)
|
Forgot to add X,Y and Z represent random port numbers.Correct me if I am wrong. |
|
| Back to top |
|
|
| bower5932 |
| Posted: Mon Feb 03, 2003 5:48 am Post subject: |
|
|
Jedi Knight
Joined: 27 Aug 2001
Posts: 3023
Location: Dallas, TX, USA
|
| I thought that there was a MQTcpSdrPort environment variable that you could set. I believe this is described in the Firewall SupportPac (MA86). However, I thought it only worked for the C clients. I think you are out of luck with java (jms). |
|
| Back to top |
|
|
| jsware |
| Posted: Tue Feb 04, 2003 3:16 am Post subject: |
|
|
Chevalier
Joined: 17 May 2001
Posts: 455
|
| Without using the internet passthru, or any parameter settings, to allow connections directly, you need to open up and allow any port >=1024 on the client to talk to port 1414 on the server. If your firewall is stateless, you need to allow port 1414 on the server to talk to any port >=1024 on the client (I.e. the response traffic back). If your firewall is stateful (i.e. it remembers the initial connection) then this won't be necessary. |
|
| Back to top |
|
|
| techno |
| Posted: Fri Feb 07, 2003 1:44 pm Post subject: |
|
|
Chevalier
Joined: 22 Jan 2003
Posts: 429
|
Opening port 1414 at Firewall: Does not it solve the problem? Is there any other way? If so, would you plz provide some links?
thanks
Shiva. |
|
| Back to top |
|
|
| yaakovd |
| Posted: Sat Feb 08, 2003 9:54 am Post subject: |
|
|
Partisan
Joined: 20 Jan 2003
Posts: 319
Location: Israel
|
| techno wrote: |
| Opening port 1414 at Firewall: Does not it solve the problem? |
It will open fiewall to one way - from client to server, but not back.
If we will run client application under some application server (WebLogic, JRun etc.) with fixed port? Somebody knows if it work?
_________________
Best regards.
Yaakov
SWG, IBM Commerce, Israel |
|
| Back to top |
|
|
| kingdon |
| Posted: Sun Feb 09, 2003 1:31 am Post subject: |
|
|
Acolyte
Joined: 14 Jan 2002
Posts: 63
Location: UK
|
It's a known requirement that I believe is very likely to be addressed in the near future.
James. |
|
| Back to top |
|
|
|
|
