Firewall Rules

Firewall rules need to be created on the local firewall to allow the local IBM® Connect:Direct® node to communicate with the remote IBM Connect:Direct node. A typical packet-filtering firewall rule specifies that the local firewall is open in one direction (inbound or outbound) to packets from a particular protocol with particular local addresses, local ports, remote addresses, and remote ports. Firewall Navigation differs between TCP; as a result, firewall rules for TCP should be configured differently.

TCP Firewall Navigation Rules

In the following table, the TCP rules are presented in two sections: the first section applies to rules that are required when the local node is acting as a PNODE; the second section applies to rules that are required when the local node is acting as an SNODE. A typical node acts as a PNODE on some occasions and an SNODE on other occasions; therefore, its firewall will require both sets of rules.

TCP PNODE Rules

| Rule Name | Rule Direction | Local Ports | Remote Ports |
|---|---|---|---|
| PNODE session | Outbound | Local C:D's source ports | Remote C:D's listening port |

TCP SNODE Rules

| Rule Name | Rule Direction | Local Ports | Remote Ports |
|---|---|---|---|
| SNODE session | Inbound | Local C:D's listening port | Remote C:D's source ports |
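
The two rules in the tables above, written out for a Linux host firewall. This is an added example, not part of the IBM documentation: a shell function that prints (does not apply) iptables commands for the PNODE and SNODE sessions. The use of iptables with conntrack, the function names, and every address and port value are assumptions or constructed placeholders.

```shell
#!/bin/sh
# Added example. Prints iptables commands only; nothing is applied.
# All addresses and ports used here are constructed placeholders.

# valid_ports SPEC: accept one port or an iptables range "low:high".
valid_ports() {
    case "$1" in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;
    esac
    lo=${1%%:*}; hi=${1##*:}
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# cd_rules LOCAL_IP REMOTE_IP LOCAL_LISTEN LOCAL_SRC REMOTE_LISTEN REMOTE_SRC
cd_rules() {
    [ "$#" -eq 6 ] || { echo "cd_rules: expected 6 arguments" >&2; return 2; }
    lip=$1; rip=$2
    # The output is meant to be run as root, so reject anything that is
    # not a plain IPv4 address or CIDR before it reaches a command line.
    case "$lip$rip" in
        ''|*[!0-9./]*) echo "cd_rules: bad address" >&2; return 1 ;;
    esac
    for p in "$3" "$4" "$5" "$6"; do
        valid_ports "$p" || { echo "cd_rules: bad port spec: $p" >&2; return 1; }
    done
    ct='-m conntrack --ctstate'

    # PNODE session (outbound): local source ports -> remote listening port.
    echo "iptables -A OUTPUT -p tcp -s $lip --sport $4 -d $rip --dport $5 $ct NEW,ESTABLISHED -j ACCEPT"
    # Replies for the PNODE session; no new inbound connections allowed here.
    echo "iptables -A INPUT -p tcp -s $rip --sport $5 -d $lip --dport $4 $ct ESTABLISHED -j ACCEPT"

    # SNODE session (inbound): remote source ports -> local listening port.
    echo "iptables -A INPUT -p tcp -s $rip --sport $6 -d $lip --dport $3 $ct NEW,ESTABLISHED -j ACCEPT"
    # Replies for the SNODE session.
    echo "iptables -A OUTPUT -p tcp -s $lip --sport $3 -d $rip --dport $6 $ct ESTABLISHED -j ACCEPT"
}

# Constructed sample: local node 192.0.2.10, remote node 198.51.100.20.
cd_rules 192.0.2.10 198.51.100.20 1364 2000:2100 1364 3000:3100
```

Pinning the local and remote source ports to fixed ranges is what lets these rules stay narrow; if either node uses arbitrary ephemeral ports, the corresponding `--sport` match has to be widened to cover them.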