We just setup DMZ server & Internal servers, connection b/w them is successful as per server logs.
We have a requirement where a webservice will be exposed to external partners through DMZ RIP Server.
Webservice is hosted on Internal Server, so ideally all requests from external source will reach DMZ server, from there internal server will pickup through Registration Port.
Requests are reaching till Internal IS, but concerned webService is not getting invoked, which is running on different port.
Example ::
External Request is getting invoked on DMZ server via 1234 port (external port) and from there Internal server invokes that request on 5678 registration port, but original webService is running on 5555 port.
May I know how request received by Registration port will invoke the webService running on 5555 port?
Does anything has to be done at network level like Port forwarding from 5678 – > 5555 port or anything has to be configured at webMethods server level?
The WS is running on the internal server, not on specific port (the server endpoint alias has a port, but it’s really for WSDL construction), once a call reached the server, the WS can be invoked.
So, through registration port, the external request will be forwarded to the internal server, then WS can be called.
Thanks for the information.
Can you please clarify one more doubt, does external request will be pushed from DMZ IS – > Internal server or Internal server will pull that external request from DMZ IS through Registration port, I am bit confused, couldn’t find clear information even in documentation, I am first timer working on DMZ RIP & Internal IS concept.
If it is from DMZ IS – > Internal Server, i need to work with my network team to allow communication in this way.
So far, they allowed communication other way round (Internal IS – > DMZ). This could be the reason why my WS is not getting invoked.
From IS Admin guide: "Important: To get the maximum benefit from the Enterprise Gateway configuration,
Software AG highly recommends that you configure your inner firewall to deny all
inbound connections. With this configuration, you isolate the Internal Server from the
DMZ. This capability is the main advantage of using an Enterprise Gateway Server over
traditional third-party proxy servers.
"
Could you please let me know step by step process which you have followed to expose your service to outside world. Do we need any external tool? What are setting required from network team?