| Author |
Message
|
| sameer |
 Posted: Thu Mar 23, 2006 1:23 pm Post subject: Firewall Issues |
 |
|
Novice
Joined: 09 Sep 2004
Posts: 12
Location: NY
|
We are trying to setup a Channel to deliver data from our office to client over a dedicated line with firewall on both the sides.
We are using MQ Series version 5.21 and the client is using MQ ver6.0
We asked the firewall team to open port 1414 at both the firewalls, we are netting the address on the router and we have the connectivity established.
I have created (SDR) channel and is able to see the connection at the client on the listener, but the channel status at my end is always binding and not running.
Since we cannot use LOCLADDR with the version we have, how can we setup the channels to have it run correctly. (Do I need to open channel1415 and set the channel to use 1415...?)
Your advice will be greatly appreciated.
Sameer |
|
| Back to top |
|
 |
| jefflowrey |
| Posted: Thu Mar 23, 2006 1:26 pm Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
Sounds like a good excuse to convince management to upgrade to a newer MQ, to me.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| sameer |
| Posted: Thu Mar 23, 2006 1:34 pm Post subject: Firewall Issues |
|
|
Novice
Joined: 09 Sep 2004
Posts: 12
Location: NY
|
Thanks for the suggestion, but at this stage w e may not be able to do the upgrade.
Is it possible to get the channel to running instead binding with what we have.
Sam |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Thu Mar 23, 2006 1:42 pm Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
What's the error message you get from the binding?
Can you telnet to the remote listener on the 1414?
Are you sure the remote listenter is using 1414?
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| mvic |
| Posted: Thu Mar 23, 2006 1:43 pm Post subject: Re: Firewall Issues |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| Are there any error messages in the error logs on either side of the link? |
|
| Back to top |
|
|
| JoePanjang |
| Posted: Thu Mar 23, 2006 4:49 pm Post subject: |
|
|
Voyager
Joined: 10 Jul 2002
Posts: 88
Location: Dengkil MALAYSIA
|
do a tracert to see where the last ip it can reach.
_________________
Every good deed is charity... |
|
| Back to top |
|
|
| wschutz |
| Posted: Thu Mar 23, 2006 5:02 pm Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
| JoePanjang wrote: |
| do a tracert to see where the last ip it can reach. |
No, telnet is the way to go, as Jeff suggests. MQ and telnet both use tcp, whereas tracert uses icmp. icmp might be able to get through the firewall (but perhaps unlikely) but even if it does, it doesn't tell you anything about whether tcp will....
_________________
-wayne |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Thu Mar 23, 2006 5:20 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| wschutz wrote: |
| JoePanjang wrote: |
| do a tracert to see where the last ip it can reach. |
No, telnet is the way to go, as Jeff suggests. MQ and telnet both use tcp, whereas tracert uses icmp. icmp might be able to get through the firewall (but perhaps unlikely) but even if it does, it doesn't tell you anything about whether tcp will.... |
Wayne is right. Ping & tracert might be blocked by the firewall. Telnet passing the MQ Listener port is the way to go. If your telnet <mqport>goes through and presents a "telnet" like screen the firewall is not the problem (you should be getting an FDC as the telnet protocol is not recognized by MQ). If your telnet <mqport> times out or shows an error message (could not connect or something like it) you have a network/firewall problem.
Enjoy 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
