Downloadable - Hewlett-Packard
Downloadable - Hewlett-Packard
Downloadable - Hewlett-Packard
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
target prot opt source destination<br />
ports<br />
ACCEPT tcp ------ anywhere anywhere<br />
any -> 3080<br />
Accept connections on the range of ports used by our Orbix servers (TAL Orbix Server FM)<br />
defined in the orbix_temip.cfg<br />
target prot opt source destination<br />
ports<br />
ACCEPT tcp ------ anywhere anywhere<br />
any -> 6000:6030<br />
Accept connections that have been initialized by our host.<br />
It is needed because the TAL Orbix Server FM is also client of the TeMIPClient. So, it<br />
initializes a TCP connection.<br />
To be more secure, we can specify the range of ports that we want to contact on the remote<br />
hosts. It can be done if we define also the range of port used by the TeMIPClient on the<br />
TeMIPClient host.<br />
target prot opt source destination<br />
ports<br />
ACCEPT tcp !y---- anywhere anywhere<br />
50000:50300 -> any<br />
6.2.1.3 The TeMIP Client is protected by a firewall<br />
In that case only the TeMIP Client is protected. The same variable must be defined in the<br />
Orbix configuration file used by the TeMIP Client.<br />
In C:\Program Files\TeMIP Client V5.X for Windows\Orbix Run<br />
Time\etc\domains\orbix_temip_client.cfg<br />
Example: policies:iiop:server_address_mode_policy:port_range = "50000:50300";<br />
Protect the TeMIPClient with a firewall and open some ports in order the TAL Orbix Server<br />
FM can communicate with the TeMIPClient.<br />
Important Note<br />
Limitation: if the port_range value is defined on the TeMIP Client host, only one TeMIPClient<br />
can run on this host.<br />
6.3 Sign-on TeMIP Authentication Support<br />
With TeMIP Client V5.1, you can choose single sign-on for the TeMIP authentication policy<br />
(WINDOWS or WINDOWS then UNIX). In that case, a file will be used for authentication<br />
and also to associate an Acloc security profile to the Windows user.<br />
You have to edit the following file on the TeMIP PM Server platform:<br />
/var/opt/temip/acloc/user_profiles/temip_acloc_tal_users<br />
40