Opening Ports for Filemaker Server Advanced 8.0 (Leopard Only)

Having trouble opening FileMaker Server Advanced on Leopard (works on Tiger). I've spent hours on the phone with FileMaker and Apple tech support. FileMaker tech support has indiated that I need to allow FileMaker to see ports 5003 to 5006, and 50003 to 50006. To do this I will need to interact with Terminal. I find this very odd and would like to know if anyone else can verify the need to do this, or a better solution. Shouldn't Server just work like it always has? I don't buy this none-supported business when I spent as much as I did on this product 2 months before version 9 came out. Okay..sorry I'm just venting.

Your ACL is wrong. With version 8.2x you have to use the translated IP in the ACL. With only one IP you can also use the keyword "interface":
access-list outside_access_in extended permit tcp any interface eq 5001
no access-list outside_access_in extended permit tcp any host MiniSrvr object-group DM_INLINE_TCP_1
static (inside,outside) tcp interface 5001 MiniSrvr 5001 netmask 255.255.255.255
That will forward tcp/5001 arriving on the external interface to your MiniSrvr on Port tcp/5001
BTW: You should move this question to Security->Firewalling.
Sent from Cisco Technical Support iPad App

Similar Messages

  • How to open Ports for App running in VPC

    Trying to open ports for a Windows app that I am running via VPC but the application still shows the port is unreachable.
    So far I have, opened the port in Mac OSX Firewall, opened ports on my D-Link DSL504G router, disabled the Windows firewall (plus opened the ports in case it became enabled).
    Have also redirected the ports to the IP address within VPC Windows and the Mac itself.
    Have run out of ideas as nothing seems to work.
    Regards
    Alan

    Try the following ...
    AEBSn - Port Mapping Setup
    To setup port mapping on an 802.11n AirPort Extreme Base Station (AEBSn), either connect to the AEBSn's wireless network or temporarily connect directly, using an Ethernet cable, to one of the LAN port of the AEBSn, and then use the AirPort Utility, in Manual Setup, to make these settings:
    1. Reserve a DHCP-provided IP address for the host device.
    Internet > DHCP tab
    o On the DHCP tab, click the "+" (Add) button to enter DHCP Reservations.
    o Description: <enter the desired description of the host device>
    o Reserve address by: MAC Address
    o Click Continue.
    o MAC Address: <enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the host computer>
    o IPv4 Address: <enter the desired IP address>
    o Click Done.
    2. Setup Port Mapping on the AEBSn.
    Advanced > Port Mapping tab
    o Click the "+" (Add) button
    o Service: <choose the appropriate service from the Service pop-up menu>
    o Public UDP Port(s): <enter the appropriate UDP port values>
    o Public TCP Port(s): <enter the appropriate TCP port values>
    o Private IP Address: <enter the IP address of the host server>
    o Private UDP Port(s): <enter the same as Public UDP Ports or your choice>
    o Private TCP Port(s): <enter the same as Public TCP Ports or your choice>
    o Click "Continue"
    (ref: "Well Known" TCP and UDP ports used by Apple software products)

  • Open ports for all in LAN

    Hi, a few days ago I bought a wireless router WRT160n. I want to ask how to open some port for all in LAN(3 clients). For example all in LAN have PeerToPeer application for torrents. I want to open port for example 20202 for all. Now I open port from menu Applications & Gaming->Single Port Forwarding, but I must set port for each user IP address.
    Can somebody tell me how to open port for all in LAN without to config for each computer?
    Thanks in advance.

    Hi gv. I read more about UPnP and the WRT160n User Guide. In section Administration>managment int wrote that UPnP is Enabled by default in my router it is corect. I Setup mu PeerToPeer(eMule) TCP/UDP ports to 20202 and check option "Use UPnP to setup ports". I test and close this port on my router configuration for my computer on "Single Port Forwarding", but in eMule the port is still block. Can you explain why it did not work. For UPnP it says that if Enable it allow users with Windows ME and XP automatically to gonfigure Router ports
    Thanks in advance!
    Best Regards.

  • Do I need to open ports for NTP?

    I just noticed that my hwclock was off by nearly 30 seconds. It's almost certainly due to the recent initscripts update.
    As I was looking into resetting the clock, I found out that openntpd is deprecated so I've switched to ntp, configured the daemon, reset the time with ntpd -q, and started the daemon. The time is not accurate again.
    I remember back when I first installed Arch I tried to set up ntp but it didn't seem to work, so I tried openntpd and stuck with that. I reached the conclusion that ntp required open ports, which I felt was unnecessary given that openntpd could do the same thing without open ports.
    Now that I'm looking at it again, I can't find any definitive answer...
    Do I need to open ports for ntp if I only want to sync the system that it's running on?

    ISC ntpd (the ntp package) will open UDP 123 on all your interfaces regardless of what you do with it. It will work anyway even if you block this port in iptables, assuming that you're allowing responses to established traffic as usual - your outbound mobilization requests to your chosen servers will be enough to allow the responses, and the same with further traffic sent for the lifetime of ntpd. Using iptables like this is probably the easiest way to secure ntpd.
    There's also some defense in depth you can do:
    - run ntpd as non-root
    - run it chrooted to some safe directory (really only makes sense when doing non-root as well, since root can break out of a chroot)
    - apply ntpd's built-in access controls (see examples in ntpd.conf, and full docs in ntp_acc(5))
    I accomplish the first two of these by chowning /var/lib/ntp (and any contents) to ntp:ntp (so ntpd can write ntp.drift there when non-root), by using a driftfile path relative to the chroot in ntp.conf, and by setting NTPD_ARGS="-g -i /var/lib/ntp -u ntp:ntp" in /etc/conf.d/ntp-client.conf.
    For the third, I chose to not allow any remote traffic to initiate anything with my ntpd, with this /etc/ntp.conf:
    server ac-ntp0.net.cmu.edu iburst
    server ac-ntp1.net.cmu.edu iburst
    server ac-ntp2.net.cmu.edu iburst
    server ac-ntp3.net.cmu.edu iburst
    server ac-ntp4.net.cmu.edu iburst
    restrict default nomodify nopeer noquery
    restrict 127.0.0.1
    driftfile /ntp.drift
    Note the two "restrict" lines. The first shuts out remote access of most kinds, and the second allows the local machine all the access that would also be denied to it as well otherwise by the first rule. Note also the driftfile path, relative to the chroot of /var/lib/ntp/.
    With all these security features, ISC ntpd can be just as safe as openntpd.
    The use of the "iburst" keyword on the server lines to recover more quickly from out-of-contact conditions is also quite nice, and not rude to the remotes like "burst" would be.
    One of the nicest other features of ISC ntpd is that it's smart enough to notice when network state changes occur, like bringing a VPN up/down, changing routes, or switching from wired to wireless and back. openntpd tended to just lose connections in these cases.

  • Do I need to open ports for my services if I am connecting through VPN

    Hi,
    I work in a small office and we are trying to connect people remotely to our server through VPN.
    Using the Server App I managed to make VPN work and successfully connected to our file share points, so that means file sharing worked without opening ports for afp on my Airport router.
    On the other side I cant connect to other services as iCal and Address Book as I am locally in the office. Does that mean I have to open the ports for those services on the router, if yes then why use VPN in the first place.
    Thanks,

    If I understood you correctly:
    External client -> (server.domain.name) -> Router -> Server: is working
    Internal client -> (server.domain.name) -> Router -> Server: is not working
    Internal client -> (local ip) -> Server: is working
    If yes, you can implement a-la "split zone DNS".
    1. On the external DNS your domain name server.domain.name resolved to the external router IP.
    2. You should add record (and zone) server.domain.name to your OS X Lion Server DNS pointing to local IP
    When you are connected to VPN, system sets DNS server to your Lion server and server.domain.name is resolving to local IP.
    When you are working without VPN, system use external DNS and server.domain.name is resolving to external IP.
    Of course, you should open ports for your services on the router is you want to use them from external network.
    I am using this configuration and it works perfectly.

  • Error opening port for replicat

    Hi Guys,
    I m getting below, while sending statust on target.
    GGSCI (PMS) 15>info all
    program Status Group Lag Time Since Ckpt
    MANAGER RUNNING
    REPLICAT RUNNING REPYA 243:53:20 53:49:42
    GGSCI (PMS) 16> send repya status
    Sending STATUS request to REPLICAT REPYA ...
    ERROR: opening port for REPLICAT REPYA (Connection timed out).
    #cat REPYA.pcr
    PROGRAM REPLICAT PROCESSID REPYA PORT PMS.7840 PID 26342
    #telnet PMS 7840
    Trying...
    telnet:Unable to connect to remote host:Connection timed out
    What could be issue ???

    The server where Replicat is running is up? Can the server be pinged/telnet by another server? Can the source server connect anywhere else? Firewall? Network services running? Network troubleshooting 101.

  • Open port for Software Update Point

    hallo
    i need open port for the Software Update Point (wsus) ?
    thanks
    אם תגובתי פתרה את בעייתך - לחץ/י, על &quot;סמן כתשובה&quot; ליד סימן ה V הירוק.

    For a default installation of WSUS that would be HTTP 8530 or HTTPS 8531
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Do i need to open port for crash plan online backup service

    do i need to open port for crash plan online backup service?
    Thanks!

    Possibly. I would start by checking out this CrashPlan support article. CrashPlan does require certain ports on both your computer's and network router's firewall to be open in order to communicate properly.

  • Getting error 'opening port for MGR  (Connection refused).

    Hi Guys,
    I m getting below, while starting replicat on target.
    GGSCI (ggtarget) 16> start replicat RLOAD
    Sending START request to MANAGER ...
    ERROR: opening port for MGR MGR (Connection refused).
    GGSCI (ggtarget) 20> view param mgr
    PORT 7809
    USERID orgg, PASSWORD orgg
    PURGEOLDEXTRACTS /ggs/dirdat/*, USECHECKPOINTS
    GGSCI (ggtarget) 21> view param rload
    REPLICAT RLOAD
    USERID orgg, PASSWORD orgg
    ASSUMETARGETDEFS
    HANDLECOLLISIONS
    APPLYNOOPUPDATES
    GETUPDATEBEFORES
    reperror default, discard
    DISCARDFILE ./dirrpt/rload.dsc, purge
    MAP HR.TCUSTORD, TARGET HR.TCUSTORD;
    MAP HR.TCUSTMER, TARGET HR.TCUSTMER;
    from Source I could able to do the telnet to target...
    What could be issue ???

    Hi,
    Error:
    GGSCI (ggtarget) 16> start replicat RLOAD
    Sending START request to MANAGER ...
    ERROR: opening port for MGR MGR (Connection refused).
    You can start Manager, but when you try to start Replicat, GGSCI gives me a connection timeout error
    Solution:
    GoldenGate uses a TCP/IP socket to communicate between local processes. When you issue a START, STOP, SEND, or other command in GGSCI, the command interface will try to open a local port for the process.
    Here is how to find out which local ports these processes are listening on. In the dirpcs directory, there will be one file for each running GoldenGate process.
    For Manager, the file name will be MGR.pcm.
    For Extract, it will be <GROUP_NAME>.pce.
    For Replicat, it will be <GROUP_NAME>.pcr.
    These are text files that can be viewed by using cat or any equivalent command. For example, the MGR.cpm file content will read like this:
    PROGRAM MGR PROCESSID MGR PORT sys1.4356 PID 60070
    After the keyword PORT will be the local hostname and the port number that Manager is supposed to be running on. In the preceding example, the hostname is sys1, and the port is 4356.
    The program (ggsci) tries to use that hostname to communicate to the process (Extract/Replicat/Manager) when the command is issued in GGSCI. If you get a timeout or connection-refused error on the command, that means GoldenGate could not connect to the local host. Most of the time, you should have no problem connecting to a local host, but when you have the wrong IP address or routine table configured in your TCP/IP settings, connection errors can happen.
    To troubleshoot this, follow the steps below
    1. Try to ping that host name from the OS shell to see if it goes to the correct IP address (which should be the one for the local system).
    2. If the ping is successful, try to telnet to the Manager port on your local host. You will be able to see your telnet session connect if a Manager is listening on that port.
    Here is an example:
    shell>telnet
    telnet> open sys1 4356
    Trying 100.100.100.100...
    Connected to sys1.oracle.com (100.100.100.100).
    Escape character is '^]'.
    3. If your telnet session times out or gets a connection-refused error, that means either the hostname is wrong or the port number is wrong.
    If the ping to the hostname listed in the pcm/pce/pcr file fails, or if you cannot connect your telnet session to the port listed in the file(s), contact your network engineers to get the TCP/IP issue resolved.
    Hope this information helps.
    Thanks & Regards
    Santhosh

  • How to forward/open ports for WRT54G?

    Hi. I recently bought a WRT54G because my old router was destroyed by lightening and thunder. I have managed to set it up, and got the interent itself to work with static IP adress (192.168.1.101 for my PC).
    However, even though I have tried to forward/open ports for applications like uTorrent and DC++ as well as Limewire, I have no luck. When I test if the ports are indeed opened, I get the result that they are not. Here are how my port forward setting looks like for utorrent. The port in the settings image is of course the same as in uTorrent.
    http://www.pictub.com/quickupload/01/untitled-1mb4wd.jpg
    I can't seem to open any ports, even though I have followed tutorials like the ones at portforward.com. I have the latest firmware for my router, as I flashed it when I got it. Help .

    Yes, I did .
    Anyways, look what I found in the uTorrent FAQ:
    1.7 Special note for users with Linksys WRT54G/GL/GS routers, there are severe problems with them when running any P2P application
    To fix it, they say one has to flash with a unofficial firmware, but I will rather get the money back and buy another router tomorrow. Thanks for the help anyways .

  • Windows Server 2008 opening ports for sql

    Hello we upgraded our server from 2003 to 2008 and we are trying to open up the ports for the sql server and reporting services so the users can access both database and report manager from their desk.  we only have one location so its not like we
    need people from different locations accessing it.  but for some reason the users still cant access the database even after opening ports 1433 and 80.  Can anyone help please

    Hi
    Can you explain why does he need turn off the firewall on prod. server? Running SQL
    Browser service make sense if we use named instance, the OP did not mention that. Moreover if we enable SQL Browser
    service we probably need to add UDP port 1434 to the firewall.
    Best Regards,Uri Dimant SQL Server MVP,
    http://sqlblog.com/blogs/uri_dimant/
    MS SQL optimization: MS SQL Development and Optimization
    MS SQL Consulting:
    Large scale of database and data cleansing
    Remote DBA Services:
    Improves MS SQL Database Performance
    SQL Server Integration Services:
    Business Intelligence

  • Opening ports for Kaspersky MDM Server

    We are setting up Kaspersky to use mobile devices and they request we open 9799, 9899, and 400. I opened those ports on the ASA 5510 but they are still saying closed. One person said we need to set up a NAT outside and then open the ports up under their. Anybody have any idea why these ports still say closed when I run a port test?
    Thanks

    Hi, I'm still getting problems with this. I have added a user defined application on the Home Hub, and from what I can understand I have now opened the HTTP port (80), HTTPS (443) and the Remote Desktop Proxy (4125), but still no joy.
    I have also tried to set up port forwarding from Settings > Advanced Settings > Port Forwarding > Configuration with the HTTP Server (World Wide Web) and HTTPS assigned to the Home Server physical address as shown below.
    I still get the same message from the Windows Home Server Repair Wizard:
    I'm still stumped - what do you mean by ensuring it is a static address? Do you have any other suggestions?
    Many thanks,
    Savvyman.

  • Opening Ports For a Gaming Server; Airport Utillity.

    Hi All,
    This is my very first post, and I'm not entirely sure if this is in the right Forum,
    but anyway, I am currently trying to Open port 25565 using Airport utility,
    So far I have Done:
    1.Opened Airport Utility
    2.Chosen Manual Setup
    3. Entered Web password
    4. gone advanced settings
    5. Port Mapping
    6 Clicked Plus.
    Now, this is where I'm Stuck, I have no idea what to choose e.g Apple Remote Events and all the other options there, and where would I put the port I want to open? I don't know what to put in private ports, and I don't know what UDC and TDC or whatever they are, I don't know what they mean, Help?
    Yes, but generally my main problem is picking the right default setting or do I just ignore it?

    I have no idea what to choose
    Don't choose anything. Give it a name after you click "Continue"
    where would I put the port I want to open?
    In the following fields
    Public UDP Ports
    Public TCP Ports
    Private UDP Ports
    Private TCP Ports
    I don't know what to put in private ports
    The same as the public ports... 25565

  • Problems opening ports for Torrent downloads

    Is there a how to guide or anything out there on how to properly open and forward ports....for something like a Torrent client?
    I thought I was doing everything right, but I still can't get my client to connect to any trackers.
    This is what I've done so far:
    Added a new protocol for bit torrent with the following ports that my client uses:
    TCP Any -> 6881-6891 UDP Any -> 6881-6891 
    Forwarded that protocol to the static IP of the machine running the client on the network.
    I thought that's everything it would take to make it work, but no luck.    I did the same thing with ftp and http for a filer server I use and it all works great.
    Any tips?

    You are very close to allowing users to connect to you, because this is my understanding of the status of ports.
    #1 A port will be stealthed / time out / filtered if something is blocking that port.
    #2 A port will be closed / connection refused if nothing is blocking that port and the server is not listening.
    #3 A port will be opened / success if nothing is blocking that port and the server is running.
    Here are example(s), of what I mean...
    #1 Stealth / time out / filtered
    http://i42.tinypic.com/qo8w9j.jpg
    #2 Closed / refused
    http://i40.tinypic.com/2wp82e9.jpg
    #3 Open / success
    http://i42.tinypic.com/vdis8o.jpg
    -> You need to start the server for the port to be open. -
    If need be: It would help to know more about this single NAS box that runs a web server, ftp server and a torrent client.
    Like, the brand and model of it..
    If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

  • Why does port scan show an open port for application I've never had?

    I don't currently and never have used Bacula to backup my Macbook, but for some reason when I do a portscan it often shows a Bacula file daemon being open on port 9102.  It also comes up in Netstat as listening, even with my firewall blocking all unnecessary connections, sharing turned off (all), and an Airport ex in front of it also secured.  I also cannot find any related files etc. on my machine after a thorough search.  Despite my best google and support searches, I couldn't find anyone with the same problem.  Is this reason for concern? Either way why would it be there despite it not being ever used on my Mac?  I am not well versed in networking, only know enough to get myself in trouble, so thanks in advance for any help.

    Ok, I ran a port scan on 9102 and it show it's not responding, but assigned to (bacula-fd)
    So what it appears to be is Bacula ( a legitimate program) uses this port, much like Screen Sharing uses port 5900, not necessarily that it's installed on your machine.
    It's not uncommong to have open ports, it's so if you ever install the program or use a service it can gain access through the Firewall. You can change that of course to close up everything except certain ports for certain programs.
    Now that the firewall is App based, if you don't have the app listed, how do you deny it access?
    Well if the program isn't installed on the machine, it can't respond if the port is open or closed.
    Simply enable your Firewall and allow the programs you do have and want to access your machine to connect in the Advanced settings.
    There is also NoobProof and WaterRoof if you need a GUI/simplicity to enact more complex features of the command line firewall. Block IP addresses and everything. However read up before you mess around, Apple has everythign set up nicely and there are very few successful attacks on Mac's.
    If you don't know what your doing, you can actually do more harm opeing up your machine to poential attack.
    If your more paranoid, then install LittleSnitch, it's a outgoing firewall and notification software with pop-up window to allow/deny on a per program or request basis. You'll be quite shocked how much is going out in the background without your knowledge.

Maybe you are looking for