cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how to test the firewall is opened for a internal server

Former Member

on ‎04-26-2007 11:49 PM

0 Kudos

should I use

ping -t <IP of the internal server> 36<nr>?

Thanks! Points!

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎04-28-2007 10:35 AM
0 Kudos

Hi Jennifer

try to execute the following command from the shell prompt

tracert -d <Ip address for the internal server>

try to note down the IP address where the packets are not transferring to other hops

ask your network person to resolve the IP to pass the packet to next hop

if your tracert session has been ended with all resolved IPs

then try to telnet <IP address for the Internal server> 36<nr>

if not, then Firewall has been blocking you, or Portal not yet configured proper.

REgards

Anwer Waseem

Show replies
Show replies
Former Member
‎04-27-2007 12:59 AM
0 Kudos

Jennifer,

Ping will only work if ICMP is enabled on your network. I do not believe ping will work to a port either. Instead try telnet. If the port is not open, you will get a failure. If the port is open, you will get a blank screen for a couple seconds.

C:\> telnet 192.168.0.100 445

result: blank screen, port opened

C:\>telnet 192.168.0.103 321654

result: Connecting To 192.168.0.103...Could not open connection to the host, on port 321654: Connect failed

jwise

Show replies
Show replies
Former Member
‎04-27-2007 1:53 AM
0 Kudos

Joshua:

On the 2 sides of our internal firewall, we have WebDispatcher outside and EP DB inside.

The server for the Webdisp and the server for the DB must have

IPs that are different at the first 3 numbers? e.g.

if the IP of the Webdis is 177.###.##.###,

the IP of the DB server cannot be 177.###.###.###?

Message was edited by:

jennifer lee

Former Member
‎04-27-2007 4:45 AM
0 Kudos

Jennifer,

What is the question?

jwise

Former Member
‎04-27-2007 9:25 AM
0 Kudos

I prefer using nmap to check whether your host or server has opened ports. It's easy to use.

just type $nmap <IP_Address_to_scan>

ardhian

Former Member
‎04-27-2007 4:23 PM
0 Kudos

I mean:

if the webdispatcher's IP is 177.....

the DB server's IP can not start with 177.

Am I right?

Former Member
‎04-27-2007 5:17 PM
0 Kudos

Jennifer,

There is no requirement from SAP for this. This sounds like a technical requirement of your implementation?

Perhaps you mean that the WD would have a public address and the portal would have a private address? If so, yes, this would be the way to implement the portal to be publicly facing. There are a great deal of other measures that need to be studied to safeguard your data though.

In this case as well, your company's ACLs prevent communication directly to the portal. Only the WD port would be opened and then and ACL from the WD to the portal would allow communication only between those hosts.

jwise

Ask a Question