Question

Locked

Configure firewall to accept WCF requests?

By jfuller05 ·
So I get an email from our software vendor giving me details on our software upgrade that reads: "Have Hopkins set their firewall to accept WCF requests only from xxx.xxx.xx.xx:443. The communication will occur via https." I x'ed out their external ip address of course. :)

We run a sonicwall tz210. The way I understand the message, port 443 needs to be opened so the tech can upgrade our software? I can't find a WCF service in the sonicwall setup. One of their tech support guys is supposed to give me a call, but that could take a day or more and I want to get this figured out before the upgrade which is scheduled for this coming Tuesday.

Any help is appreciated.

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Port 443 is HTTPS

by robo_dev In reply to Configure firewall to acc ...

Port 443 is port 443, so it really should not matter exactly what the app does over that port.

I would assume they mean to have your firewall listen for port 443.

I would also expect you need a NAT rule to direct port 443 traffic on your external firewall interface to the internal IP address of whatever server is getting upgraded.

And last but not least it would be preferable to define an ACL for their specific IP address. If it were just a standard HTTPS web server, that would not be needed; not sure what the exact risk is with WCF, so to be safe, create a rule for that.

Collapse -

Reponse To Answer

by jfuller05 In reply to Port 443 is HTTPS

Well, I can't select your answer as *the* answer. Supposedly I'm not the same user as the one who asked the question, so I gave you a +1 instead.

Collapse -

Thanks robo_Dev

by jfuller05 In reply to Configure firewall to acc ...

I created a WAN to WAN access rule for this. source: their external IP to our external IP as the destination with https as the service. So, I guess I would need to create a NAT rule running that traffic to our internal server. I'm also "commenting" all of this in my actions as I go along so I will know to disable this rule when the upgrade is over.

I appreciate the reply it has helped a lot.

Back to Software Forum
4 total posts (Page 1 of 1)  

Software Forums