14 • Introduction HP NonStop SSL Reference Manual
The "tunneling" approach has the following benefits:
• It is firewall-friendly, as only a single port needs to be opened between the workstations and the clients.
• The configuration both of the HP NonStop SSL ODBCMXS process and the RemoteProxy is independent of
the number of ports used by ODBC/MX.
Note: The ODBC/MX protocol supports IPv6 starting with release H06.26/J06.15, but running HP NonStop SSL in
ODBCMXS mode is currently only valid with IPMODE IPv4.
Limiting Remote IP Addresses
HP NonStop SSL can be configured to allow only certain remote IP addresses. By default, HP NonStop SSL will allow
connections from any IP address; this behavior can be changed by
1. Setting a "black list" of forbidden IP addresses or subnets using the DENYIP parameter.
2. Setting a "white list" of allowed IP addresses or subnets using the ALLOWIP parameter.
Note: the black list will take precedence over the white list: if an IP address is matching both lists, it will NOT be
allowed.
For details, please refer to parameters "DENYIP" and "ALLOWIP" in the "Parameter Reference".
To Next Page
Loading...
Need help?
General