Esko Logo Back to Esko Support
Choose your language for a machine translation:


Description

You should physically arrange the network devices so that the Web Server is in a proper DMZ architecture (between two firewalls or plugged into a DMZ port of the public router/firewall).

Procedure

When moving the Web Server, we need to ensure the following ports are open:

For 18.1+

  1. Configure Firewall 1 (public router/firewall):
    1. Allowed to route traffic to Web Server inside DMZ for HTTP and HTTPS.
    2. Default ports:
      • 80 (HTTP)
      • 443 (HTTPS).
  2. Configure Firewall 2 (gatekeeper for private network):
    1. Allowed to route traffic on specific ports to WebCenter’s Application Server.
    2. Default ports: 
      • 4444 (RMI/JRMP invoker object)
    1. Extra ports needed if Application server was configured with an external View Server:
      • 14444

Note

In versions 20.0+, the viewer will be installed External by default.


For 18.01 and older:

  1. Configure Firewall 1 (public router/firewall):
    1. Allowed to route traffic to Web Server inside DMZ for HTTP and HTTPS.
    2. Default ports:
      • 80 (HTTP)
      • 443 (HTTPS).
  2. Configure Firewall 2 (gatekeeper for private network):
    1. Allowed to route traffic on specific ports to WebCenter’s Application Server.
    2. Default ports: 
      • 1099 (JBOSS Naming Service)
      • 2500 (JBOSS Naming Service RMI)
      • 4444 (RMI/JRMP invoker object)
      • 3873 (EJB3)
    1. Extra ports needed if Application server was configured with an external View Server:
      • 14444
      • 12500
      • 11099

Once these ports are opened, we need to make sure the Web Server can still obtain the IP of the Application Server:

  1. Install Telnet client feature on the Web Server.
  2. On the Web Server, open command prompt.
  3. Check if the appserver_name gets translated into an IP address. To check, test either of the following in command prompt:
    • nslookup appserver_name
    • telnet appserver_ipaddress 1099

These commands will tell if the Web Server can obtain the IP address of the Application Server. If not, either add the Application Server to the DNS Server or add the Application Server to WebCenter's Web Server host file. In general the DNS solution is preferred.

(for the host solution, see also: http://help.esko.com/docs/en-us/webcenter/12.1/referenceguide/home.html?q=en-us/common/wc/concept/co_wc_Troubleshooting1136415.html)


Article information
Applies to

WebCenter

Created

 

Last revised

 

AuthorSRAM
Case Number
Contents


Copyright© 2015-2019 Esko. All trademarks or registered trademarks are property of their respective owners.