ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » BLOCKIP2

Post new topic  Reply to topic
 BLOCKIP2 « View previous topic :: View next topic » 
Author Message
novice
PostPosted: Thu Apr 20, 2006 3:21 am    Post subject: BLOCKIP2 Reply with quote

Apprentice

Joined: 20 Jun 2005
Posts: 37
Hi everybody!

We are using BlockIP2 to secure our channels on a z/OS machine. With one channel we are getting into problems. The channel is defined as below:

DEFINE CHANNEL('channelname') +
CHLTYPE(SVRCONN) +
DESCR(channeldescr') +
TRPTYPE(TCP) +
MAXMSGL(104857600) +
MCAUSER('USER') +
SCYEXIT('BLOCKIP2') +
SCYDATA('123.123.123.123') +
REPLACE

The application is trying to connect to our queue manger using the channel.

We get the following error:

Connection refused for blank user identifier
Connection refused, Channel .....
ConName .... User ..

As far as i know it is not mandatory to use an useridentier on mq connections. anyway it is overwritten by the mcauser.

is this a blockip bug? with our old security exit we don't have this problem?

any expierence with that? thanx
Back to top
View user's profile Send private message
jhaake
PostPosted: Thu Apr 20, 2006 4:43 am    Post subject: Reply with quote

Novice

Joined: 17 Apr 2006
Posts: 13
In a parameter file (not sure it will work with SCYDATA)

AllowBlackUserID=Y;

Also, don't forget that your SCYDATA entries must end with ';'

Thus: '123.123.123.123;'
Back to top
View user's profile Send private message
jhaake
PostPosted: Thu Apr 20, 2006 4:54 am    Post subject: Reply with quote

Novice

Joined: 17 Apr 2006
Posts: 13
I meant "AllowBlankUserID=Y;" sorry
Back to top
View user's profile Send private message
oz1ccg
PostPosted: Thu Apr 20, 2006 6:45 am    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark
Any by the way: BlockIP2 will tell you what it complains about...

You can add -d; to SCYDATA to get much more info.

SCYDATA('123.123.123.123;-d;')

Anyway I might recoment you to use a specification file to control the way BlockIP2 work to use the warious options. As documented in the manual.

-- Lock it or Lose it --
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » BLOCKIP2
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.