Q:
Port 443 is 'filtered' to internet clients. How can I make it 'open'?
The problem is that HTTPS 443 port isn't accessible from interned, but it is open in local network.
Our iSeries is connected to inet via L2TP withot IPSec.
If no packet filters are active, nmap shows that ports 25, 80, 110 and even 10322 (WAS admin console) have state
'open' on internet ip address.
443 have state 'filtered'.
If I activate the following packet rules:
# -----------------------------------------------
# Statements to permit inbound HTTP over STATICIP
# -----------------------------------------------
INCLUDE FILE = /QIBM/UserData/OS400/TCPIP/PacketRules/Services.i3p
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FS
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FC
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FS
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FC
JRN = OFF
FILTER_INTERFACE INTERFACE = STATICIP SET = HTTP_INBOUND
# -----------------------------------------------
port 80 is 'open', 443 is 'filtered'.
How can I make it 'open'?
Thank you in advance.
Our iSeries is connected to inet via L2TP withot IPSec.
If no packet filters are active, nmap shows that ports 25, 80, 110 and even 10322 (WAS admin console) have state
'open' on internet ip address.
443 have state 'filtered'.
If I activate the following packet rules:
# -----------------------------------------------
# Statements to permit inbound HTTP over STATICIP
# -----------------------------------------------
INCLUDE FILE = /QIBM/UserData/OS400/TCPIP/PacketRules/Services.i3p
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FS
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FC
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FS
JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FC
JRN = OFF
FILTER_INTERFACE INTERFACE = STATICIP SET = HTTP_INBOUND
# -----------------------------------------------
port 80 is 'open', 443 is 'filtered'.
How can I make it 'open'?
Thank you in advance.
ASKED:
Nov 21 2008 1:32 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
0
