Table of Contents Previous Next
Logo
Glacier2 : 43.10 Firewalls
Copyright © 2003-2009 ZeroC, Inc.

43.10 Firewalls

The Glacier2 router requires only one external port to receive connections from clients and therefore can easily coexist with a network firewall device. For example, consider the network shown in Figure 43.7.
Figure 43.7. Using Glacier2 with a network firewall.
In contrast to Figure 43.6, the Glacier2 router in this example has both of its endpoints in the private network and its host requires only one IP address. We assume that the firewall has been configured to forward connections from port 4064 to the router’s client endpoint at port 9998. Meanwhile, the client must be configured to use the firewall’s address information in its router proxy, as shown below:
Ice.Default.Router=Glacier2/router:ssl ‑h 5.6.7.8 ‑p 4064
The Glacier2 router configuration for this example requires the following properties:
Glacier2.Client.Endpoints=ssl ‑h 10.0.0.1 ‑p 9998
Glacier2.Server.Endpoints=tcp ‑h 10.0.0.1 ‑p 9999
Note that the server endpoint specifies a fixed port (9999), but the router does not require a fixed port in this endpoint to operate properly.
Table of Contents Previous Next
Logo