Configuring Firewall Navigation

Firewall navigation enables controlled access to a IBM® Connect:Direct® system running behind a packet-filtering firewall without compromising your security policies or those of your trading partners. You control this access by assigning a specific TCP source port number or a range of source port numbers with a specific destination address (or addresses) for IBM Connect:Direct sessions.

About this task

Before you configure source ports in the IBM Connect:Direct initialization parameters, you need to review the information in this section.

Procedure

  1. Coordinate IP address and associated source port assignment with the local firewall administrator before updating the firewall navigation record in the initialization parameters file.
  2. Add the following parameters to the IBM Connect:Direct initialization parameters file as needed:
    • TCP.SRC.PORTS
    • TCP.SRC.PORTS.LIST.ITERATIONS

      In a IBM Connect:Direct/Plex environment, specify these parameters in the local initialization parameters file of the IBM Connect:Direct/Plex member that communicates with an external firewall.

  3. Reinitialize IBM Connect:Direct for z/OS®.
  4. Coordinate the specified port numbers with the firewall administrator at the remote site. These ports must also be available for IBM Connect:Direct communications on the firewall of your trading partner.