https://communities.sas.com/t5/Administration-and-Deployment/Configure-SAS-MidTier-Firewall/m-p/299626#M6116 <P>You would need to update iptables with the ports or port ranges for each jvm.</P><P>&nbsp;</P><P>I believe the "alternatively" language/statement is saying that instead of updating iptables, you could configure your SAS applications to use ports already allowed on iptables (instead of the default ports).</P> Tue, 20 Sep 2016 18:21:51 GMT Timmy2383 2016-09-20T18:21:51Z https://communities.sas.com/t5/Administration-and-Deployment/Configure-SAS-MidTier-Firewall/m-p/299625#M6115 <P><FONT face="arial,helvetica,sans-serif" size="2">I have the task of configuring the SAS Intelligence Platform on Redhat Linux 6.x across three servers and need to have the firewalls (iptables) configured on each server.&nbsp; So far it seems like we are set for the Metadata &amp; Compute servers and now we are configuring the MiddleTier server.&nbsp; </FONT></P> <P>&nbsp;</P> <P><FONT face="arial,helvetica,sans-serif" size="2">I have a question based on what is stated in the Middle Tier Administration Guide on page 45:&nbsp; <EM>"To prevent these issues, you</EM></FONT></P> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683"><EM><FONT face="arial,helvetica,sans-serif" size="2">can modify the firewall configuration to permit traffic to Java applications. Alternatively, you can manually update the SAS configuration to ensure that ports in the appropriate range are available through the firewall."</FONT></EM></DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683">&nbsp;</DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683"><FONT face="arial,helvetica,sans-serif" size="2">Then in the next paragraph the doc it discusses setting the JVM options to accomodate a firewall.&nbsp; The question that I have is whether or not I will need to open the ports in the firewall based on the ports used for the JVM settings?&nbsp; I think so, but confirmation would be great.</FONT></DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683">&nbsp;</DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683"><FONT face="arial,helvetica,sans-serif" size="2"><FONT face="arial,helvetica,sans-serif" size="2">Maybe the "Alternatively" sentence above is meant to refer to opening the large port range:</FONT></FONT><FONT face="arial,helvetica,sans-serif" size="2">1024-65535</FONT></DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683">&nbsp;</DIV> <DIV style="left: 274.993px; top: 505.547px; font-size: 16.6667px; font-family: sans-serif; transform: scaleX(1);" data-canvas-width="467.81666666666683">&nbsp;</DIV> Tue, 20 Sep 2016 18:17:02 GMT https://communities.sas.com/t5/Administration-and-Deployment/Configure-SAS-MidTier-Firewall/m-p/299625#M6115 SDV 2016-09-20T18:17:02Z https://communities.sas.com/t5/Administration-and-Deployment/Configure-SAS-MidTier-Firewall/m-p/299626#M6116 <P>You would need to update iptables with the ports or port ranges for each jvm.</P><P>&nbsp;</P><P>I believe the "alternatively" language/statement is saying that instead of updating iptables, you could configure your SAS applications to use ports already allowed on iptables (instead of the default ports).</P> Tue, 20 Sep 2016 18:21:51 GMT https://communities.sas.com/t5/Administration-and-Deployment/Configure-SAS-MidTier-Firewall/m-p/299626#M6116 Timmy2383 2016-09-20T18:21:51Z