Try OpenEdge Now
skip to main content
WebSpeed Essentials
Running and Deploying WebSpeed Applications : Firewall configuration and debugging : Debugging firewall configurations
 

Debugging firewall configurations

After configuring the firewall, you must test the configuration to see if it works. The easiest way to do this is to try to run the WebSpeed application from the Internet. This probably means you must disconnect the test client PC from the internal network and then dial an Internet Service Provider (ISP) to then act as a "real" Internet client.
First, make sure everything works by entering the URL for the application into your Web browser. In most cases this method fails because the firewall configuration omitted one or two ports or a ubroker.properties setting was left unchanged.
For help in tracing the cause of the failure, see WebSpeed request round-trip to remind yourself what the entire round-trip process is and test each stage one at a time. The error shown by the Messenger (if it worked that far) will lead you to the answer as well.
Note: You might want to use a software tool like Ethereal (http://www.ethereal.com) to allow you to see what packets are traversing the network.
If you are using Microsoft Windows 2000 or later to host the Web server, you might find that UDP or TCP packets are being sent, but they are being ignored by the Web server machine. This can be caused by incorrectly setting the IP Packet filter. All ports used for the firewall access must be allowed in the IP Packet filter. Packet filter settings are addressed in the following topics.
To access the IP Packet Filter settings:
1. In the Windows Control Panel, click Network Connections.
2. Right-click on your LAN connection and select Properties from the pop-up menu. The Local Area Connections Properties dialog box appears:
3. Choose Properties. The Internet Protocol (TCP/IP) Properties dialog box appears:
4. Click Advanced. The Advanced TCP/IP Settings dialog box appears:
5. Choose the Options tab, as shown:
6. Highlight TCP/IP Filtering in the list and then click Properties. The TCP/IP Filtering dialog box appears.
7. You can set the filter to allow all packets as shown, or you can restrict the ports allowed by adding them into the appropriate areas:
Note: If you must use DNS, then you also must allow UDP port 53 and TCP port 53. For the Web server, you need port 80. For HTTP/S, you need port 443.
* Web server access
* WebSpeed Messenger
* NameServer Access
* Accessing the WebSpeed broker
* Accessing the WebSpeed agent