Job Management Partner 1/Automatic Job Management System 3 - Web Operation Assistant Description, Operator's Guide and Reference

[Contents][Glossary][Index][Back][Next]

3.8.1 Configurations for passing through a firewall

When the database type for the scheduler service to be monitored is an embedded database or HiRDB, a packet-filtering or NAT firewall may exist between the scheduler service and JP1/AJS3 - Web Operation Assistant. If a firewall exists, you must specify settings in the following network configurations to enable passing through the firewall.

JP1/AJS3 - Web Operation Assistant supports static-mode address translation (NAT), but does not support functionality such as NAPT (IP-masquerading) that converts one global IP address to multiple local addresses.

Network configurations that require settings for passing through a firewall:
  • When a firewall (packet filter) is installed for an embedded database or HiRDB that will be monitored
  • When a firewall (packet filter and NAT) is installed for an embedded database or HiRDB that will be monitored
  • When a firewall (packet filter) is installed for JP1/AJS3 - Web Operation Assistant
  • When a firewall (packet filter and NAT) is installed for JP1/AJS3 - Web Operation Assistant

The following describes the embedded database settings required for the above network configurations. For details about the HiRDB settings, see the manual HiRDB Installation and Design Guide. For detailed setup procedures, see 3.8.2 Settings on JP1/AJS3 - Manager or JP1/AJS2 - Manager and 3.8.3 Settings on JP1/AJS3 - Web Operation Assistant.

Note that the value of pd_name_port in the figure below is the same as the value set in the RDBPORT environment settings parameter for the scheduler service to be monitored. If the monitoring target is JP1/AJS3 - Manager, set the environment settings parameters by installing JP1/AJS3 - Manager on the JP1/AJS3 - Manager host to be monitored. When the monitoring target is JP1/AJS2 - Manager, the environment settings parameters are set by executing the embedded database setup command ajsembdbbuild on the JP1/AJS2 - Manager to be monitored. For details about the ajsembdbbuild command, see ajsembdbbuild command in the manual Job Management Partner 1/Automatic Job Management System 2 Setup Guide.

Organization of this subsection
(1) When a firewall (packet filter) is installed for the embedded database to be monitored
(2) When a firewall (packet filter and NAT) is installed for the embedded database to be monitored
(3) When a firewall (packet filter) is installed for JP1/AJS3 - Web Operation Assistant
(4) When a firewall (packet filter and NAT) is installed for JP1/AJS3 - Web Operation Assistant

(1) When a firewall (packet filter) is installed for the embedded database to be monitored

Figure 3-5 When a firewall (packet filter) is installed for the embedded database to be monitored

[Figure]

This example assumes that a firewall is installed as shown above and is set up as shown below:

Firewall settings:
  • IP address for pass-through: 20.20.20.20
  • Port numbers for pass-through: 22220 (or 22200 when the monitoring target is JP1/AJS2 - Manager), 33333, and 20244

In this case, the settings on the JP1/AJS3 - Manager host or JP1/AJS2 - Manager host to be monitored and the JP1/AJS3 - Web Operation Assistant host must be as follows.

Settings on the JP1/AJS3 - Manager host to be monitored
  • services file for JP1/AJS3 - Manager
    jp1ajs2monitor 20244/tcp
  • System common definition file for the embedded database
    set pd_name_port=22220
    set pd_service_port=33333

Settings on the JP1/AJS2 - Manager host to be monitored
  • services file for JP1/AJS2 - Manager
    jp1ajs2monitor 20244/tcp
  • System common definition file for the embedded database
    set pd_name_port=22200
    set pd_service_port=33333

Settings on the JP1/AJS3 - Web Operation Assistant host
No parameters need to be set.

(2) When a firewall (packet filter and NAT) is installed for the embedded database to be monitored

Figure 3-6 When a firewall (packet filter and NAT) is installed for the embedded database to be monitored

[Figure]

This example assumes that a firewall is installed as shown above and is set up as shown below:

Firewall settings:
  • IP address for pass-through: 20.20.20.20
  • Port numbers for pass-through: 22220 (or 22200 when the monitoring target is JP1/AJS2 - Manager), 33333, and 20244
  • Address translation using NAT
    From 10.10.10.30 to 20.20.20.20, and vice versa

In this case, the settings on the JP1/AJS3 - Manager or JP1/AJS2 - Manager host to be monitored and the JP1/AJS3 - Web Operation Assistant host must be as follows.

Settings on the JP1/AJS3 - Manager host to be monitored
  • services file for JP1/AJS3 - Manager
    jp1ajs2monitor 20244/tcp
  • System common definition file for the embedded database
    set pd_name_port=22220
    set pd_service_port=33333

Settings on the JP1/AJS2 - Manager host to be monitored
  • services file for JP1/AJS2 - Manager
    jp1ajs2monitor 20244/tcp
  • System common definition file for the embedded database
    set pd_name_port=22200
    set pd_service_port=33333

Settings on the JP1/AJS3 - Web Operation Assistant host
  • Client environment definition
    PDSERVICEPORT=22222
    PDSERVICEGRP=ajs2
    PDSRVTYPE=PC#
  • hosts file
    10.10.10.30 HostA
# Specify PC if the JP1/AJS3 - Manager or JP1/AJS2 - Manager to be monitored is running on a Windows host or Linux host. For a UNIX host other than Linux, specify WS.

(3) When a firewall (packet filter) is installed for JP1/AJS3 - Web Operation Assistant

Figure 3-7 When a firewall (packet filter) is installed for JP1/AJS3 - Web Operation Assistant

[Figure]

This example assumes that a firewall is installed as shown above and is set up as shown below:

Firewall settings:
  • IP address for pass-through: 10.10.10.10
  • Port number for pass-through: 10000

In this case, the settings on the JP1/AJS3 - Manager or JP1/AJS2 - Manager host to be monitored and the JP1/AJS3 - Web Operation Assistant host must be as follows.

Setting on the JP1/AJS3 - Manager host to be monitored
  • System common definition file for the embedded database
    set pd_name_port=22220

Setting on the JP1/AJS2 - Manager host to be monitored
  • System common definition file for the embedded database
    set pd_name_port=22200

Setting on the JP1/AJS3 - Web Operation Assistant host
  • Client environment definition
    PDCLTRCVPORT=10000

(4) When a firewall (packet filter and NAT) is installed for JP1/AJS3 - Web Operation Assistant

Figure 3-8 When a firewall (packet filter and NAT) is installed for JP1/AJS3 - Web Operation Assistant

[Figure]

This example assumes that a firewall is installed as shown above and is set up as shown below:

Firewall settings:
  • IP address for pass-through: 10.10.10.10
  • Port number for pass-through: 10000
  • Address translation using NAT
    From 10.10.10.10 to 20.20.20.30, and vice versa

In this case, the settings on the JP1/AJS3 - Manager or JP1/AJS2 - Manager host to be monitored and the JP1/AJS3 - Web Operation Assistant host must be as follows.

Setting on the JP1/AJS3 - Manager host to be monitored
  • System common definition file for the embedded database
    set pd_name_port=22220

Setting on the JP1/AJS2 - Manager host to be monitored
  • System common definition file for the embedded database
    set pd_name_port=22200

Settings on the JP1/AJS3 - Web Operation Assistant host
  • Client environment definition
    PDSERVICEPORT=10000
    PDCLTRCVADDR=20.20.20.30#
    # Specify the IP address of the JP1/AJS3 - Web Operation Assistant host as viewed from the JP1/AJS3 - Manager or JP1/AJS2 - Manager to be monitored.

[Contents][Back][Next]

[Trademarks]

Copyright (C) 2010, Hitachi, Ltd.
Copyright (C) 2010, Hitachi Software Engineering Co., Ltd.