Solved

Identify ports required to be open in FW for Web Service solution.

Posted on 2004-10-11
8
462 Views
Last Modified: 2007-02-13
Hi all,

We have an ASP.NET solution that access an external web service. Our FW is secured and thus we can't get access to the web service. Isn't port 80 the only port needed? If the web service has adress https://, SSL port 443 must be open as well, correct? Do you know any tools for identifiying what ports are used transferring data?

Thank you all for your time!

Best regards,
//Dan
0
Comment
Question by:dsolving
  • 4
  • 3
8 Comments
 
LVL 11

Expert Comment

by:pratap_r
ID: 12276168
80 and 443 should be good enough.. see if you are able to connect to the url yourself through your browser instead of from your webservice. check to see which port the target service is running on. by default it is 80 for http and 443 for ssl. you could try to use netstat if you have rights on the machine. a simple netstat -a will list down all the active ports

Enjoy
Pratap
0
 
LVL 11

Expert Comment

by:pratap_r
ID: 12276181
on a second thought are you using firewalls/proxy with network security? because if so then you will need to pass the credentials along with your request for the webservice from your service.

Pratap
0
 

Author Comment

by:dsolving
ID: 12276324
Pratap,

Yes we are using FW:s, that's why I need to know what ports must be open for traffic, both in and out. When trying to access the address, https://pcert.javatest.infodata.sema.se/soap/servlet/rpcrouter, where the web service is located from the server, I get a Cannot find server message. When accessing from my client, not behind the same FW, I recieve an error stating:

SOAP RPC Router
Sorry, I don't speak via HTTP GET- you have to use HTTP POST to talk to me.

Any ideas what this can be.

Thanks for your time!
//Dan
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 5

Expert Comment

by:rsriprac
ID: 12277948
THe FW must be allowed to chose its outbound ports and should not be blocked. If you have blocked both inbound and outbound to only ports http/https, this will make the server software not work outside the FW.  Outbound traffic are sent out on different ports from the server, it just needs port http/https to accept incoming requests.

As for:

SOAP RPC Router
Sorry, I don't speak via HTTP GET- you have to use HTTP POST to talk to me.

Your request to the servlet must be a POST type request then a GET, i.e.

http://www.cs.tut.fi/~jkorpela/forms/methods.html
0
 
LVL 11

Expert Comment

by:pratap_r
ID: 12278218
hey Dan

can you post the code snippet? by default .net does a http post may be something else is wrong. i suppose you have the necessary certificates to identify your client against that server you had mentioned!?

as for the firewalls the firewall by default should allow port 80 unless it does a check to see if its one among the standard applications (for eg you can configure your FW to allow only IE to access a website and deny access to all others..). but from the URL you have posted its clear that your webservice is using port 80.. unless it does a server side redirect (which unfortunately i am not able to test it)

Pratap
0
 

Author Comment

by:dsolving
ID: 12284593
Pratap and Rsriprac,
what is true, what ports must be open for inbound and outbound traffic respectively, this is the main question??
Thanks for your time!
Dan
0
 
LVL 11

Accepted Solution

by:
pratap_r earned 500 total points
ID: 12284648
outbound 80 and 443 should suffice as long as there is no server side redirect to another port. inbound ports not required for the client.. whereas it is required for the server

either case its just 80 and 443 for default installations

Pratap
0
 

Author Comment

by:dsolving
ID: 12284658
Excellent, damn you're quick... :)
We will try this in a couple of days and I will return to you with result and reward!
Thanks,
//Dan
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VB6 Compile Compatibility Issue 4 102
servlet doXXX methods 3 49
Eclipse with gitlab 1 44
eclipse apache tomcat admin console 52 97
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
A short article about a problem I had getting the GPS LocationListener working.
The viewer will learn how to implement Singleton Design Pattern in Java.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question