BusinessObjects Enterprise Administrator's Guide

Specifying firewall rules for NAT

When there is a firewall between the application server and the rest of the BusinessObjects Enterprise servers you need to specify the inbound access rules and one outbound rule. The outbound rule is needed because the application server may register listeners with any of the BusinessObjects Enterprise servers

For details of how to specify these rules, consult your firewall documentation. For details about the rules see:

The fixed port numbers specified in the chart are the port numbers you specify for servers using -requestport. See Configuring the CMS on Windows, and Configuring the BusinessObjects Enterprise servers for details.

Inbound Rules
Source Computer Port Destination Computer Port Action

Application server

Any

CMS

6400

Allow

Application server

Any

CMS

fixed

Allow

Application server

Any

Other BusinessObjects Enterprise server

fixed

Allow

Any

Any

CMS

Any

Reject

Any

Any

Other BusinessObjects Enterprise Server

Any

Reject

Note:    There must be one inbound firewall rule for each BusinessObjects Enterprise server behind the firewall. Whenever more than one server is installed on the same machine, each server on that machine must use a unique port number.

Outbound Rules
Source Computer Port Destination Computer Port Action

Machines hosting BusinessObjects Enterprise server

Any

Application server

Any

Allow

This outbound rule is needed because the application server may register listeners on servers behind the firewall. These listeners may initiate communication with the application server.

Related topics:    


Business Objects
http://www.businessobjects.com/
Support services
http://www.businessobjects.com/services/support/
Product Documentation on the Web
http://support.businessobjects.com/documentation/