Security Issue using IIS svc

Aug 14, 2008 at 2:05 AM
Hi there,
This solution is great for transporting our data - however I cannot get it to run over the Internet.

On my local dev (WinXP, VS2008) all sweet.

Deploy a WCF svc application to IIS and my compressed datasets run fine (existing solution)

But this transport not quite there for me - I am sure i am missing something simple (yes, bit of a noob to this).

Seems the base address "net.tcp://x.x.x.x:6500/TableWearhouse"- so do I need to open this port my servers firewall?

Any help appreciated.
regards,
Steve
Aug 14, 2008 at 12:22 PM
Hello Steve,

The service must open a TCP channel, listening for incoming requests, on some port.
Yes, the port which the service is trying to open is 6500, but if that port is taken, the service tryies scanning available ports, and upon success, opens the vacent port.

Yes, if you open  6500 in your firewall, all should work smoothly.

--Guy.
Aug 14, 2008 at 10:57 PM
Hello Guy,
Thank you for your prompt reply. I failed with the Port triggering - so have gone to use VPN between the client and server as a solution. this is probably a better long term methodology for security anyway.

So now (is this right) I just need to configure httpCfg for http://+:6500/TableWearhouse

What I am not sure of - is this on the Server that I do this where the WCF is being hosted?

That said, since I we are going to be using VPN - maybe it would be more effecient again, to use a Console or Windows Service to Host the WCF.

Thanks again.
Steve
Aug 15, 2008 at 8:16 PM
Hello again, Steve.

Why did you choose IIS to host your service on the first place?

Again, the requests originate from the client (pull), so the server's VPN must open this port.
The client, too, should have this port open, for outgoing requests, in it's firewall.

It would be interesting to know if the ChunkTransporter works over the internet...

--Guy.