Adapter behind a firewall

Hello,
I would like to locate a DB adapter on a production site.
I identified 2 types of connections for the AGENT part:
- JDBC Thin (4 Oracle connections per agent with no partition)
- GIOP to Java repository process (2 connections, one on port 60580, and one on port 60578)
I have no problem with JDBC Thin, as my Hub machine is on a Unix machine and so port filtering is sufficient.
My question is more on GIOP:
Are these 2 ports fixed, or are there other rules?
Thanks for your help,
Olivier

Here is the contents of an email from Oracle; we had similar problems with firewalls. Hope this is useful.
Regards
Romesh
Hi Romesh,
as discussed, here's a brief explanation of how this works:
when the patch I mentioned above is NOT installed, when the repository is started it opens a random port to be used for future CORBA connections to it by other components, such as iStudio and the adapters. The fact that this port is random is related to the way CORBA works. The repository process then writes this port number to a database table, for reference. When an adapter is started, it first makes a connection via SQL*Net to the database and, amongst other things, retrieves the port number which the repository is listening on. This is why you are seeing one successful connection to the database. After having retrieved the CORBA port number, the adapter process then attempts to open TWO CORBA connections to the repository using the port number advertised in the database table and that port number + 1. (The second one is always the first one +1 and is used, I believe, for the return connection by the repository process).
This scenario works fine in non-firewall installations, as all ports are open.
When there is a firewall between the repository and adapters, then all these (three) ports need to be opened in the firewall. This is simple for the SQL*Net port, as it is known (usually 1521) but problematic for the CORBA ports, as they are allocated randomly. For this reason, Oracle released the patch 2767871 (and following incremental patches which include it too), which allows you to specify the port which the repository will use for the CORBA connection. So, if for example, you specify port 10000 in the repository.ini, it will accept CORBA connections on port 10000 AND 10001. So you will need to open ports 1521 (or whichever port the SQL*Net listener is configured for), port 10000 and 100001 in the firewall.
If there is more than one firewall or router between the repository and adapters and/or iStudio, then the network administrators need to take this into consideration, i.e. that the repository will be expecting connections on these and only these ports, and the adapters and/or iStudio will be attempting to connect to the repository via them too. If the firewalls or routers in between are modifying the ports, then this won't work.
Also, please note that if you are using NAT (Network Address Translation) routers or software, this will probably not work at all. NAT routers change, for example, the IP address of a node to make it appear to be reachable via a different IP address to other systems outside the subnet. However, as the information advertised by the repository process regarding its CORBA connection contains not only the port number, but also the IP address, adapter and iStudio processes will not be able to connect, as the NAT router will make the repository's machine available to them under a different IP address to the one they are attempting to connect on.
Regards
John-Brown
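
A pre-flight check for the port scheme described in the quoted email (SQL*Net listener, the fixed CORBA port, and that port + 1, plus the NAT caveat), as an added example that is not part of the original thread or Oracle's code. The function names, the `probe` hook and the sample addresses are assumptions made for illustration.

```python
"""Pre-flight check for an adapter that must reach the repository through a firewall."""
import socket
from dataclasses import dataclass


@dataclass(frozen=True)
class Endpoint:
    role: str
    host: str
    port: int


def required_endpoints(db_host, advertised_ip, corba_port, listener_port=1521):
    """The three TCP endpoints named in the email: SQL*Net, CORBA port, CORBA port + 1."""
    if not 1 <= corba_port <= 65534:
        raise ValueError("corba_port + 1 must still be a valid TCP port")
    return [
        Endpoint("SQL*Net listener", db_host, listener_port),
        Endpoint("CORBA port", advertised_ip, corba_port),
        Endpoint("CORBA port + 1", advertised_ip, corba_port + 1),
    ]


def tcp_probe(host, port, timeout=2.0):
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(db_host, advertised_ip, corba_port, listener_port=1521,
              routable_ip=None, probe=tcp_probe):
    """Return a list of findings; an empty list means all three paths are usable.

    routable_ip is the address the adapter host actually has to dial to reach
    the repository machine. If it differs from the address the repository
    advertises, a NAT device sits in between and the CORBA connections will
    be aimed at the wrong address even when every port is open.
    """
    findings = []
    if routable_ip is not None and routable_ip != advertised_ip:
        findings.append(
            f"NAT mismatch: repository advertises {advertised_ip}, "
            f"adapter reaches it at {routable_ip}")
    for ep in required_endpoints(db_host, advertised_ip, corba_port, listener_port):
        if not probe(ep.host, ep.port):
            findings.append(f"unreachable: {ep.role} {ep.host}:{ep.port}")
    return findings


if __name__ == "__main__":
    # Constructed scenario: the firewall admin opened 1521 and 10000 but
    # forgot 10001. The stub stands in for tcp_probe so the demo runs offline.
    opened = {1521, 10000}
    for line in preflight("192.0.2.10", "192.0.2.10", 10000,
                          probe=lambda host, port: port in opened):
        print(line)
```

Run from the adapter host with the default `tcp_probe` and the port set in repository.ini; any finding names the exact rule the firewall or NAT configuration is missing.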

Similar Messages

  • How can I put my program behind a firewall or make it more secure?

    I have a client server program and I was reading through my notes. I had jotted down a recommendation to put it behind a firewall. However, I do not know how to do this in Java at all or even where to begin. How do I even create a firewall in Java?
    I'm also not sure if this is the security I need.
    This program is already running inside a network limited only to certain users. However, this particular program is limited only to two users. Also, the client runs on Unix and Windows machines accessible by many users in our project. I would not know how to create a firewall for just this program and just these two users.
    Right now my program is sorta like the basic client/server program examples given in the Java tutorials. It verifies the IP address of the client but like I said before anyone can be logged into that IP but only two users should be allowed to run the commands.
    Would a firewall even work in this case?

    However, I do not know how to do this in Java at all or even where to begin. How do I even create a firewall in Java?
    You don't.
    I'm also not sure if this is the security I need.
    I don't think so.
    I would not know how to create a firewall for just this program and just these two users.
    A firewall is not for restricting access to particular users of a network. It's for keeping unauthorized people out of the network entirely. What you should do is secure the server (how to do this depends on probably many factors), and use a username and password in the client app to control access. The client contacts the server, passing the credentials, and the server either grants or denies access. It's possible you would want to hash and salt the password, depending on how secure it needs to be.

  • Connect Oracle 10g client to the Oracle 10g database behind a firewall

    I need to connect an Oracle 10g client to the Oracle 10g database (windows server 2003 box) behind a firewall. I ran into this problem: Port redirection. Port redirection requires the Oracle client to connect to the database using a different port (usually a randomly selected TCP port) than the default or originally configured one. If there is no firewall between the server and the client, port redirection will not affect the actual connection. However, if port redirection does occur with the server behind a firewall, the client will be likely to suffer from a connectivity failure. The reason is simple: the newly assigned port based on port redirection is often blocked by the firewall. Such failures are not uncommon on Windows platforms.
    I don't know how to establish a unique TCP port.
    I enabled USE_SHARED_SOCKET on the Oracle database server, in the Windows registry. According to what I read, that will force the server machine to share its port 1521 and thus all clients will stay on that port when connecting to the database. Noticeably, port redirection will not occur with USE_SHARED_SOCKET enabled, but that's true in Oracle 8 or Oracle 9. In Oracle 10g this solution doesn't work.
    I will appreciate any help about this. Please!
    Thanks in advance.

    Three solutions in order of preference
    1 Use Connection Manager on the server (only installed using a Custom Install). This will tunnel all traffic through a single port. It will also allow you to configure allowable nodes
    2 Set up shared server to use a fixed port. Disadvantage: shared server has overhead and the number of connections is limited
    3 Use shared_sockets. Disadvantage: when you stop the listener everyone is disconnected.
    Sybrand Bakker
    Senior Oracle DBA

  • ACE problem - bridge mode - behind a firewall

    Hello
    We are having problems with one of you ACE context, this implementation was done by a supplier and I am trying to troubleshoot it.
    The clients and the servers are on different subnets, there is a Nokia firewall in the middle. The firewalls are setup on a cluster.
    Connecting to port 7072 is taking at least 30 seconds. If I move the server into the VLAN in front of the ACE, the connection is instant. So it does indicate a problem on the ACE.
    The client IP is .99.11.
    The VIP is .100.62 and the server node is .100.12.
    Running the capture command I can see the following behavior:
    1. The client initiates the connection to the ACE Vip
    2. At the same time it looks like a second connection is initiated from the client to the server node
    Please see attachment.
    Is this a normal situation where the connection is duplicated?
    Does this interface setup look correct?
    Is the bridge mode the correct setup in this scenario?
    interface vlan 10
      bridge-group 2
      no normalization
      mac-sticky enable
      access-group input PERMITALL
      service-policy input VLAN10-INTER-MMPM
      no shutdown
    interface vlan 15
      bridge-group 2
      no normalization
      access-group input PERMITALL
      no shutdown
    interface bvi 2
      ip address 192.168.100.7 255.255.255.192
      alias 192.168.100.6 255.255.255.192
      peer ip address 192.168.100.8 255.255.255.192
      no shutdown
    ip route 0.0.0.0 0.0.0.0 192.168.100.1
    Many thanks,
    Damian

    Thanks for replying James,
    I am sure I configured the capture only for VLAN10 which is in the VIP side.
    But you are right, it looks like it is showing both VLAN10 and VLAN15. So that is one of my theories out of the window! :)
    This is a new installation, still in the testing stage. So it would be a good time to make changes.
    Do you normally implement a routed setup behind a firewall? Rather than a bridged….
    It is quite a small setup:
    • Traffic is coming from a separate local subnet
    • Traffic is not coming from the internet so it does not require a NAT
    • We need 1 VIP listening on two ports
    • The backend servers are four Linux boxes
    Thanks again,
    Damian

  • Essbase-behind-the-firewall problem

    The Essbase server (6.2) is behind the firewall. All the needed ports are open (according to support recommendations). I can log on, start and use the first application, but after I start the second one (no matter which) and try to save the outline or retrieve the data in the SS Add-In, Essbase displays consecutive error messages:
    1) Invalid login id - please login again
    2) Invalid login id - request [EssGetClientSettings] failed
    3) Invalid login id - request [adListObjs] failed.
    Thus I can only use 1 application at a time %((.
    Please help.
    Alex

    The Excel Essbase addin was not designed to work nice with firewalls. The new Essbase Spreadsheet Services was, however, designed to work through a firewall. Additionally, our product, ActiveOLAP for Essbase 2.0, was also designed to work through a firewall as well (and features a nearly exact Excel interface w/o using any Excel components (and without any Microsoft licensing issues)).
    Tim Tow
    Applied OLAP, Inc

  • RPC-XML and JMXBeans works behind a firewall?

    Hi,
    I'm studying Java and have a question: is it possible to run these technologies, RPC-XML and JMXBeans, on the Internet?
    For example, if I have a J2EE server or an RPC-XML server and it is public on the Internet, can somebody access my services from his office or house?
    JMXBeans, I think, has some types of communications, such as rmi, jndi or ldap, but I don't know that it works fine behind a firewall.
    Sorry for my poor English, I'm studying it too.

    Behrang Saeedzadeh <[email protected]> writes:
    If you are going through a firewall then you are best off using http
    tunneling for your client communication assuming the performance is
    acceptable. If you do this then you should have no problems. For an
    authenticating firewall with tunneled t3 you may need to provide
    credentials to get through. If you are using wlclient.jar then you may
    need to raise a support call since we don't currently support proxy
    auth with tunneling.
    andy
    Hi all
    I'm developing a Swing application that connects to an application server and uses EJBs for communicating with the server.
    My application works fine, now that it's not behind a firewall. Can my application also connect to the server when the client is behind a firewall? What if the client is behind a firewall that requires authentication?
    If the answer to the above questions is no, could someone please tell me what do I have to do in order to guarantee that my application also works behind a firewall (or an authenticating firewall.)
    Best Wishes,
    Behrang S.--

  • Confusion: DNS/FQDN behind SOHO Firewall/Router

    Hi Everyone,
    I'm a little confused as to the setup of DNS behind a Firewall/Router.
    I have previously had an OS X 10.6 server with DNS setup directly to a Global IP.
    In my new setup, I will have a SOHO Firewall/Router setup at the "edge" with server & clients on the Local LAN. I will need the server to be able to serve up DNS / Open Directory master / Web Services / etc. both publicly and privately. The SOHO device will serve up DHCP.
    Port Forwarding on the SOHO router is not an issue, so covered there.
    I am a bit confused on what to do on the DNS side as it is now sitting on a private LAN but needs to serve out publicly as well.
    Is it as simple as having something like the following in the DNS tables?
    Note: dns1.mycompany.com. would have static IP: 192.168.1.10
    dns1.mycompany.com. IN A 123.123.123.123
    dns1.mycompany.com. IN A 192.168.1.10
    10.1.168.192.in-addr.arpa. IN PTR dns1.mycompany.com.
    123.123.123.123.in-addr.arpa. IN PTR dns1.mycompany.com.
    That way there is a machine record and reverse lookup for both internally and externally?
    Message was edited by: Jin597

    I am not saying the following is the only way to do it, but typically you would run your own DNS server internally and may have for example www.yourcompany.com resolve to a local private IP address, and externally you would have your ISP run a DNS server for the same domain but it would resolve to your public IP address.
    The outside world would only see and use the ISPs version and would therefore always use the (correct) public IP address, and your users on the LAN would use your internal DNS server and hence the private IP address.
    It would be possible to do the same all yourself by having two separate DNS servers internally but keeping one for use by your LAN, and the other for use (only) by external users. I don't believe the standard Apple Server Manager utility makes it possible to properly do both on one server.

  • Installing Iplanet web server and directory server behind a firewall

    When installing iplanet web server and directory server behind a firewall - should the internal ip address be used or the external ip address?

    Hello,
    When you are installing iplanet web server behind a firewall, you should use the internal IP address in the firewall.
    1. The external IP address connection to the Internet. The type of IP address used, dynamic (commonly used for standard modems) or static (commonly used for cable modems), is dictated by the ISP to which you connect and the type of service it provides.
    2. The internal IP address connection. This connection must be a static IP assignment, and it must be assigned by you.
    Obviously it depends on the type of firewall setup you have.
    Thanks
    Selva

  • Portal Installation from behind the Firewall

    Hi
    I'm trying to install portal but my db is behind the firewall. How to solve this problem? I can't use a tns connect string.
    Here is what I have in my tnsnames.ora:
    IDB =
      (DESCRIPTION =
        (ADDRESS_LIST =
          (ADDRESS = (PROTOCOL = tcp)(PORT = 1610)(HOST = 192.168.0.2))
          (ADDRESS = (PROTOCOL = tcp)(PORT = 1521)(HOST = 172.16.10.49))
        )
        (CONNECT_DATA =
          (SID = dolphin)
          (SOURCE_ROUTE = yes)
        )
      )

    Hi
    My firewall supports SQL, because I can connect to my database from the 9ias server outside the firewall, but my problem is only with the Portal installation, because I can't use a tns connect string; I can only use the server name and the port, and I can only connect using a tns connect string because I have added two entries, one for my firewall and the other one for the db ...
    Any help please

  • Download site points to behind-the-firewall site

    On page http://www.oracle.com/technology/software/products/ias/htdocs/wls_main.html we find at least one link (displaying "see this document") which points to a site behind the firewall (http://fmwdocs.us.oracle.com/)
    Amusingly, that protected link is the one that tells us what to do when we get the software.
    QA reigns supreme!

    Thanks Hans - it will be updated to point to:
    http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14142/guimode.htm#BABHJJEG

  • Issues with accessing forms applications behind a firewall & caching proxy

    We have web enabled a forms application and have the following set-up at the server end.
    Machine no 1. Oracle Forms Server 6i with patch level 1 listening on HTTP/Port 80 on a windows NT box.
    Machine no 2. Apache Webserver. listening on HTTP/Port 80
    Both the machines are behind a firewall which allows only HTTP on port 80.
    At clients end we have
    1. a firewall which allows only HTTP on port 80.
    2. a caching proxy server
    The client machine connects through the caching proxy server.
    When the client connects the applet gets downloaded and initialised, the form server log shows the following
    -Forms Server Log-----
    [09/27/00 15:01:09 India Standard Time]::LISTN: Connection Request [ConnId=13, Addr=194.120.163.251:16278]
    [09/27/00 15:01:09 India Standard Time]::RUNFORM Client Connected [ConnId=13, PID=188]
    at the same time at the client side we get a FRM-92050 error: Failed to connect to server fs.formserver.com:80
    Please help
    Thanks
    null

    Thanks Henrique.
    This is not very promising but it confirms there is a potential issue
    How did you manage to solve the problem, allowing the NW server/application to perform direct accesses?
    Adalbert

  • Can't Activate Acrobat XI Standard behind company firewall.

    I have a custom packaged MSI for Adobe Acrobat XI Standard.  The MSI has our volume license key baked in.  When the MSI is installed on a client behind our firewall and webfilter, the application can't activate.  When I install the same MSI on the same client on a public WIFI network, the install succeeds.  Where can I obtain information about the server that the MSI needs to contact to activate so that I can get that connection whitelisted?

    KmerendaFMC can you please try verifying you have access to the following servers:
    ccmdls.adobe.com:443
    ims-na1.adobelogin.com:443
    na1r.services.adobe.com:443
    prod-rel-ffc-ccm.oobesaas.adobe.com:443
    lm.licenses.adobe.com:443
    activate.adobe.com

  • Getting wsdl file from behind a firewall

    Hi All,
    I need to create a webservice using a WSDL file. The client is behind a proxy/firewall which requires authentication.
    I am using a service factory:
    ServiceFactory factory = createServiceFactoryInstance();
    factory.createService(wsdlLocation, serviceName);
    The call is made through the proxy, because I set the http.proxyHost and http.proxyPort properties.
    Now, the proxy server does not allow the client to get this WSDL without authorization. I have the username and password, but I don't know how to insert them to the request for the wsdl file.
    Does anyone know how to do it?
    Thanks!

    hi,
    Please ensure that u can go through the firewall to port 3306.
    Try telnet mysql.server_ip 3306. If no response, contact the fw admin to allow your ip to go thru.
    daniel

  • GTalk from behind the firewall using Python

    Friends,
    I'm a student accessing the net from behind the University Firewall and it does not allow us access to GTalk (some crappy policy). When I was using Windows, about a couple of months back, I used to run Python server and to tunnel thru it to access Internet and GTalk in particular.
    Now Google does not have a dedicated GTalk client, . I tried fiddling with some settings in iChat and Adium but couldn't get it to work.
    Can anyone help in this respect.
    highly hopeful,
    Aditya
    Macbook   Mac OS X (10.4.8)   2.0Ghz Intel Core 2 Duo, 1Gb ram, 80Gb HD

    Hi,
    This forum may be of more help
    http://discussions.apple.com/forum.jspa?forumID=755
    5:11 PM Sunday; February 25, 2007
