Topic
4 replies Latest Post - ‏2013-03-08T04:20:04Z by ahm.m
ahm.m
ahm.m
6 Posts
ACCEPTED ANSWER

Pinned topic Ports from IHS to WAS

‏2013-03-01T15:40:33Z |
Hi
We have very simple WAS and iHS setup..
Machine A:IHS
Machine B: WAS server1 .

Now we have requirement to allow some specific ports from IHS (hosted on DMZ) to WAS( hosted on Intranet)
So how can I achieve inbound and outbound rules for specific ports to be open between IHS and WAS.
What are port numbers that will open between IHS and WAS communication?

Thanks
Updated on 2013-03-08T04:20:04Z at 2013-03-08T04:20:04Z by ahm.m
  • Sunit
    Sunit
    172 Posts
    ACCEPTED ANSWER

    Re: Ports from IHS to WAS

    ‏2013-03-01T16:23:04Z  in response to ahm.m
    Check your WAS configuration or check your most current plugin-cfg.xml for ports used by WAS web container. They will be something like 9080 (non-SSL) and 9443 (SSL).
    Communication from IHS to WAS (DMZ to Intranet) will require you to create the following rule:
    Source: IHS server IP address Dest: WAS server IP address Ports 9080, 9443 Rule: Allow

    --Sunit
    • ahm.m
      ahm.m
      6 Posts
      ACCEPTED ANSWER

      Re: Ports from IHS to WAS

      ‏2013-03-02T02:18:34Z  in response to Sunit
      Thank you so much for response..
      I have seen netstat -anop command output and some tcp ports like (53500,55400 etc)(every time these ports are changing ) ports connecting from IHS to WAS port(9080).
      I am surprised ports 53500,55400 etc didn't appeared in Plugin.xml
      So If I block all ports other than mentioned in plugin.xml between IHS to WAS above ports might be blocked and I would face problem?
      Please share ideas
      Thanks
      • Sunit
        Sunit
        172 Posts
        ACCEPTED ANSWER

        Re: Ports from IHS to WAS

        ‏2013-03-02T11:18:59Z  in response to ahm.m
        Those are source ports and they keep on changing (above 1024 and not reserved by TCP/IP stack). In the firewall rule the source ports are 'ANY' by default unless you want to code a specific source port.

        --Sunit
        • ahm.m
          ahm.m
          6 Posts
          ACCEPTED ANSWER

          Re: Ports from IHS to WAS

          ‏2013-03-08T04:20:04Z  in response to Sunit
          Thanks sunit