| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Using the AMQSCNXS sample with ephemeral port? |
« View previous topic :: View next topic » |
| Author |
Message
|
| Northsider |
 Posted: Tue Aug 18, 2015 7:24 am Post subject: Using the AMQSCNXS sample with ephemeral port? |
 |
|
Novice
Joined: 09 Mar 2005
Posts: 16
|
Hi,
I've googled and searched this website but cant seem to find an answer, for maybe a very easy question.
I want to test a connection from QM1 to QM2 where in between a Firewall is implemented.
The Firewall has a source and destination value.
AMQSCNXC start
-> connection name xxx.xxx.xxx.xxx(yyyy).
MQCONNX ended with reason code 2538.
The Channel between QM1 and QM2 is running, but has a LOCLADDR value.
./amqscnxc -x 'xxx.xxx.xxx.xxx(yyyy)'
Is there someway / trick to have this LOCLADDR in my AMQSCNCX or maybe a Telnet Session? |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Tue Aug 18, 2015 8:09 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
The local address should have nothing to do with the connection through the firewall.
The sender channels on both sides need to specify the correct address of their side of the firewall connection.
If you, somehow, need to configure what interface/port the receiver channel uses - THAT's where LOCALADDR comes into play.
And amqscnxc doesn't use a receiver channel.
It uses a CLNTCONN/SVRCONN pair. That's what the "c" stands for -"client". |
|
| Back to top |
|
|
| Northsider |
| Posted: Tue Aug 18, 2015 11:19 pm Post subject: |
|
|
Novice
Joined: 09 Mar 2005
Posts: 16
|
I think I dont understand well.. 
If my LOCLADDR value in the QM1.QM2 Sender is empty, then it wont work. So i'm pretty sure it has something todo with the firewall.
When the LOCLADDR has a value, it sets up a connection. QM1.QM2 running.
The issue im having, is that an external party moved to another location and now has a QM3. I would like to test the firewall settings from QM1 to QM3, without having to create a channelpair.
using AMQSCNXC on the QM1 machine, doesnt connect to QM3, but also not to QM2. (which I think has to do with the ephemeral port?)
http://www-01.ibm.com/support/docview.wss?uid=swg21159801 |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Aug 19, 2015 2:44 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| Northsider wrote: |
I think I dont understand well..
If my LOCLADDR value in the QM1.QM2 Sender is empty, then it wont work. So i'm pretty sure it has something todo with the firewall.
When the LOCLADDR has a value, it sets up a connection. QM1.QM2 running.
The issue im having, is that an external party moved to another location and now has a QM3. I would like to test the firewall settings from QM1 to QM3, without having to create a channelpair.
using AMQSCNXC on the QM1 machine, doesnt connect to QM3, but also not to QM2. (which I think has to do with the ephemeral port?)
http://www-01.ibm.com/support/docview.wss?uid=swg21159801 |
To make it work you have to provide the same information to the SVRCONN part of the channel i.e. you have to use a CLNTCONN channel. You can do this by using a CCDT to connect and filling in the information (LOCLADDRESS) on the CLNTCONN.
The field specifies a range of ips/ ports allowed for the establishment of the call back, so yes it has an influence on how the firewall filters the connections. Just make sure the port range is big enough... It is one thing to use it for qmgr to qmgr connections but you need a lot bigger range when using clntconn/svrconn connections.
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Aug 19, 2015 5:44 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
I repeat.
AMQSCNXC does NOT use Sender Channels.
At all. Ever. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
