Port 443 on iSeries v5r4 is "filtered for Internet clients even if it is allowed in the firewall rules. How can I make this" open "?
The port was filtered by the ISP.
The problem is that HTTPS port 443 is not accessible from the internet, but it is open on our local network. Our iSeries v5r4 connects to inet via L2TP with IPSec. If packet filters are not active, nmap shows that ports 25, 80, 110, and even 10322 (the WAS admin console) are open on the IP address. 443 have a status of filtered.
If I activate the following packet rules:
# -----------------------------------------------
# Statements to permit inbound HTTP over STATICIP
# -----------------------------------------------
INCLUDE FILE = /QIBM/UserData/OS400/TCPIP/PacketRules/Services.i3p
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FS JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_80_FC JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = OUTBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FS JRN = OFF
FILTER SET HTTP_INBOUND ACTION = PERMIT DIRECTION = INBOUND SRCADDR = * DSTADDR = * SERVICE = HTTP_443_FC JRN = OFF
FILTER_INTERFACE INTERFACE = STATICIP SET = HTTP_INBOUND
# -----------------------------------------------
port 80 is "open", 443 is "filtered".
How can I make it "open"?
+1
source to share
5 answers