|
|
|
Verastream Integration Broker and the Microsoft Windows Firewall (Included in XP Service Pack 2)
Technical Note 10035
Last Reviewed 12-Aug-2004
Applies To
Verastream Integration Broker
Summary
Figure 1 - The Windows Firewall Exceptions List (Default)
Technical Note 10035
Last Reviewed 12-Aug-2004
Applies To
Verastream Integration Broker
Summary
Windows XP Service Pack 2 (SP2) includes a new Windows Firewall. In prior releases, this feature was known as the Internet Connection Firewall (ICF) and was disabled by default. Starting with the SP2 release, during installation the firewall is automatically enabled on all network connections and is configured to block all unsolicited incoming traffic. This note describes how the Windows Firewall interacts with Verastream Integration Broker.
About the Windows Firewall
The Windows Firewall is a stateful host firewall that runs in Windows XP and blocks all unsolicited incoming traffic, unless configured to permit the traffic. Outgoing traffic and traffic internal to the Windows XP machine is not blocked by the firewall.
Verastream and the Windows Firewall
Attachmate has tested the current Verastream Integration Broker product with the Microsoft Windows Firewall. The following sections detail instances where you must configure the Windows Firewall to permit Verastream traffic.
For information about the current version of Verastream, see the Attachmate Product Support Lifecycle at http://support.attachmate.com/programs/lifecycle/version-status.html?verastream.
Configuring the Windows Firewall to Permit Verastream Traffic
If all Verastream components are installed and run on the same Windows XP SP2-based machine, there should be no need to configure the Windows Firewall, since all Verastream traffic is local to the Windows XP machine. However, if the Verastream components are installed on different machines, you must configure the Windows Firewall to permit unsolicited incoming Verastream traffic. If attempts are made to access Verastream before the necessary port(s) have been opened, the attempt will fail.
For a list of default port numbers which may receive unsolicited Verastream traffic, see Technical Note 10036.
Note: You must be a member of the Window's Local Administrative group to configure the firewall. The firewall can be configured using Group Policies or scripting. For more information about these deployment options, see "Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2" on the Microsoft web site at
Adding Verastream to the Windows Firewall Exceptions List
Follow the steps below to open a port for external access to the Verastream components.
- From the Control Panel, click Security Center > Windows Firewall.
- On the Exceptions tab, click Add Port.
Figure 1 - The Windows Firewall Exceptions List (Default)- Enter a name (such as "Verastream sntcpd") and the port number from the table above.
- If you want to restrict the scope of access to the port, click Change scope, enter the information appropriate to your environment, and then click OK.
- Repeat steps 3 and 4 for each additional Verastream port being used in your environment.
- Click OK.
For further information about manually adding application or port exceptions to the Windows Firewall, see Manually Configuring Windows Firewall in Windows XP Service Pack 2 on the Microsoft web site at
Troubleshooting the Microsoft Firewall
For information about troubleshooting the Microsoft Firewall, see "Troubleshooting Windows Firewall in Microsoft Windows XP Service Pack 2" on Microsoft's web site at
