Firewall Configuration Examples
In the firewall configuration examples for TCP the following IP addresses and source ports will be used:
Note: The IP addresses in the examples are samples and are not intended to be valid IP addresses.
- The local node has IP address 222.222.222.222 and listening port 2264. Its source ports for communicating with the remote node are 2000–2200.
- The remote node has IP address 333.333.333.333 and listening port 3364. Its source ports for communicating with the local node are 3000–3300.
TCP Firewall Configuration Example
The IBM® Connect:Direct® administrator configures the local node to listen on port 2264, and the following initialization parameter settings are used to configure the local node's source ports:
- TCP.SRC.PORTS = (333.333.333.333, 2000–2200)
- TCP.SRC.PORTS.LIST.ITERATIONS = 1
This configuration specifies to use a source port in the range 2000–2200 when communicating with the remote node's address 333.333.333.333 and to search the port range one time for an available port. The local node will act as both a PNODE and an SNODE when communicating with the remote node.
Based on this scenario, the firewall rules for the local node are the following:
Rule Name | Rule Direction | Local Ports | Remote Ports |
---|---|---|---|
PNODE session request | Outbound | 2000–2200 | 3364 |
SNODE session | Inbound | 2264 | 3000–3300 |