Skip to Content
author's profile photo Former Member
Former Member

FWM 01009 (null):firewall problem?

Hi Guys,

I have a problem with a DMZ installation and the firewall settings

Here's the situation.

On our internal network we have installed the servercomponents of BOXI Edge 3.1, which seems to be running fine.

We have a seperate Webserver with Tomcat 5.5 installed on it in the DMZ zone. Via Wdeploy I have deployed the war files on it (according to the wdeploy deploy document).

Whenever I want to logon to the CMC on my webserver machine, my login screen is appearing fine, but after I hit logon, I receive the error message FWM 010009 (null), a communication failure has occured. According to our firewall team, all ports are open in both directions. They have executed a trace and see that the BOXI Edge server is sending back packages, but that in that package should be an end communication order.

I still have (an older) VM with Edge 3.1 behind the firewalls (thus internally), from which I can access my newly installed machine in a glance...

As an extra test we have installed a complet Edge version on the Webserver as well. Communication on the webserver is OK, but as soon as we try to connect to the server behind the firewall, it goes wrong and the error appears.

So here comes my question, is there anyone who can give me a clue where it goes wrong?

Is it correct to say that it is a firewall problem?

If all ports are open on the firewall, communication shouldn't be a problem, isn't it?

Any help is appreciated.

Regards,

Jorn

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Sep 29, 2010 at 09:58 AM

    Hi,

    we have appointed a static port 4982 to the request port.

    According to our firewall guys, no communications is coming from the request port. Even before the request port can answer, the port 6400 is sending a FIN package (termination package) to the application resulting in the error message.

    They say that all ports are open and that it's not a firewall problem... However when I communicate within my LAN environment this is not a problem...

    Can please someone help me out?

    Regards,

    Jorn

    Edited by: Jornvdd on Sep 29, 2010 12:08 PM

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Ramu,

      We had the same issue and therefore I assigned the IP address of the NIC like you suggested. Now my entire BO environment doesn't start anymore. When I start the SIA, service port 6400 isn't coming up anymore.

      I'm trying to correct this in the BOE bootstrap file. Until now without success.

      Any suggestions?


      Regards,

      Rob

  • author's profile photo Former Member
    Former Member
    Posted on Sep 29, 2010 at 08:38 AM

    Hi Seb,

    thanks for your answer. We can get through via a telnet session on port 6400, so the port on the firewall should be open (that is exactly what the firewall guys have told us...). However we still can not get any communication between the LAN and DMZ.

    Meanwhile we have made some tests: communication within the DMZ is working fine, communication within the LAN is working fine. A communication from DMZ towards LAN gives us the error FWM 01009, and a logon from LAN towards the BO test system in DMZ is giving us the same error... The only thin I see in between is the firewall or am I wrong?

    Jorn

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi,

      For CMS there are two prots one is Name Server port and the other is the Request Port, by default the Name Server port is assigned the port 6400 and the request will reach the CMS when the Name Server is enabled on the firewall but the Web application cannt communicate as the Request port is unaware and the firewall port is not open for communication.

      for this you can assign a static port for the CMS Request in CMS properties via CMC and enable the firewall for this port.

      Regards,

      Ramu.

  • Posted on Sep 28, 2010 at 03:20 PM

    Hi,

    please validate if port 6400 is open on the Firewall.

    What i always do in that case is that i activate the telnet service on the server behind the firewall. After that you open a CMD on your Webserver and type "telnet SERVERNAME_WITH_CMS 6400"

    check if you can connect. If you can the firewall is fine. If you cant the port 6400 isnt open.

    Also please do the same with port 6410

    Regards

    -Seb.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.