IBM FileNet P8, Version 5.2.1            

Configuration issues with firewalls

If Process Simulator and Proxy or Application Engine reside on opposite sides of a firewall, you must take additional configuration steps on Process Simulator.

Process Simulator uses the same URL as the client to update a simulation status. Therefore, if a client accesses an IBM FileNet web application via a proxy or remote HTTP server, Process Simulator uses the same URL (including the port) to update the simulation status. If the client accesses an IBM FileNet web application directly via the application server where its deployed, Process Simulator again uses the same URL (including port) to update the simulation status.

To configure Process Simulator for use behind a firewall

  1. On Process Simulator: Process Simulator:
    1. Modify the hosts file on Process Simulator to map the IP address of the Application Engine or proxy server to its fully qualified name.
    2. If your firewall uses a DMZ ("demilitarized zone") and the routers are not configured to automatically know where the address of the DMZ, you must add a persistent route to the DMZ subnet. (A DMZ refers to a part of the network that is neither part of the internal network nor directly part of the Internet.) From the command line, enter:

      route -p add <host IP> mask <net mask> <gateway IP address>

      where

      Table 1. Table of parameters and description for route command
      Parameter Description
      host IP The IP address of the Application Engine or proxy server. You can also use a C-Class address to broadcast the message to the DMZ subnet.
      net mask The DMZ's subnet mask for this route entry.
      gateway IP address The IP address of your firewall, through which the external client or Process Simulator will access the Application or proxy server running in the DMZ.
  2. On the firewall server, make sure there is an open outbound port for the Application Engine or proxy server, and that the web proxy service is running.


Last updated: October 2015
ps_firewall_config.htm

© Copyright IBM Corporation 2015.