Hey, thanks for your reply. I finally got a solution, which is very easy. The ERP retrieved from the Factory has the hostname of the computer in the private network for accessing the server, which is not possible from outside. The solution is just to set the address of the ERP manually and to use the correct certificate on server side.
So everything works fine for me. Cheers Michael Von Welch wrote: > You might want to peruse the following if you have not, though your > use case is advanced and not specifically covered: > > http://dev.globus.org/wiki/FirewallHowTo > > I'm not really able to follow what is happening from your > description. Can you capture the network flows on the public side of > the NAT router so it's obvious what is failing? > > Von > > On 11/25/09 11:48 AM, Michael Sutter wrote: > >> Hello list, >> >> I have a problem with a GT 4 Service and hopefully anybody can help me. >> I have a custom written GT 4 Factory Service and for some reasons it must >> be possible to run the GT 4 container in a private network >> (192.168.2.229) behind >> a firewall, but it must be possible to access the Service from outside >> the private network. >> So I have a linux router, handling everything necessary like >> masquerading and port >> forwarding. >> >> I have configure a rule for accessing the GT 4 server: >> iptables -t nat -A PREROUTING -p tcp -d myhost --dport 22943 -j DNAT >> --to 192.168.2.229:8080 >> I think the rule is correct, as it it possible to access the GT 4 server >> via telnet and I got some response. >> >> Nevertheless it is not possible to access the Service with the GT 4 >> client. I always got a connection timeout. So I added some >> debug messages in the service and I can see, that the Service is >> accessed but it is not possible to call the >> methods of my service. I see, that the factory classes are accessed, but >> I got no messages from my methods. >> >> On a GT 4 Server accessible from world wide the Service works perfect. >> So I think it is a problem with the >> ip forwarding. Have anybody a idea, how I can access the service? Maybe >> I missed something in the configuration. >> Or is it not possible to access the Service if he is behind a firewall. >> It is a insecure GT 4.0.8 server. >> >> Kind regards >> Michael >> >> >>