Purpose

The purpose of this Jive document is to discuss the basic firewall configurations which will avoid most of the firewall issues while deployment of an Enterprise RAS .Net applications.

Overview

Consider a scenario where an Enterprise RAS .NET SDK application works fine in the development environment as well as in staging or testing environment but causes issues when deployed in the production environment or on the live web server. The main cause being the existence of a Firewall between Web server and the BusinessObjects Enterprise Server.

Generic issues due to firewall not configured for SDK’s

• Transport error: Communication failure (FWM 00001)
• Error: “Failed to find an available Report Application Server”
• Application hangs on “ReportAppFactory.OpenDocument()” method.
• CORBA communication failure: reason[error number WSAETIMEDOUT]

etc. However, these issues can be avoided if few things are done while deploying the application.

Things to do while deployment of the application

So here are few things to do which will avoid many generic issues with Firewall.

(Provided steps are considering a BusinessObjects Enterprise XI 3.1 .NET web application to view Crystal report using RAS)

1.        1.      Assign dedicated ports in the Enterprise – (CMCàServersà Properties)

o   Request port for CMS (6400 is default ‘Name Port’ for CMS not a request port.)

o   Request port for RAS

2.        2.      Configure below registry keys on the Web Server -

o   HKEY_LOCAL_COMPUTER\SOFTWARE\Business Objects\Suite 12.0\CER\RequestPortLower – port value

o   HKEY_LOCAL_COMPUTER\SOFTWARE\Business Objects\Suite 12.0\CER\RequestPortUpper – port value

o   HKEY_LOCAL_COMPUTER\SOFTWARE\Business Objects\Suite 12.0\CER\BindToIP – Set to a string value to ‘Fully qualified Domain name’ (FQDN) of the System.

(BindToIP allows the application to refer to itself by name rather than IP. This is useful in NAT environments when a network can't access private IP's on another network. Leave ‘BindToIP’ blank if you don't have to configure for NAT.)

3.      Make sure that these registry keys are set to a single port to specify a single port is to be used by the SDK to listen for connections.

4.         4.      Make sure that all the ports used as above are opened bidirectional through firewall.

5.         5.      In case of a clustered environment (multiple RAS ) make sure that the every Report Application Server has a unique name.

6.         6.      In case of NAT environment, verify the entries in the %host% file of both the machines so that the IP addresses get resolved properly. ( consult a network admin if required)

See Also

Here are the reference documents and Knowledge base articles which throw more light on the Firewall configuration for Enterprise SDK’s.

• Configuring the Crystal Enterprise SDK to work with Firewalls.

Knowledge base articles.

1542846 - How to configure RAS and SDK custom applications to work through a firewall?

1200700 - How do I configure a RAS .NET web application to work with Enterprise RAS in a NAT environment?

1336534 - How to configure Business Objects Enterprise for Firewalls?

1621035 - Error : "Transport error: Communication failure (FWM 00001)”

1516519 - CORBA communication failure: reason[error number WSAETIMEDOUT] when attempting to preview a Crystal Reports using Enterprise RAS

1621035 - Error : "Transport error: Communication failure (FWM 00001)”

1542902 - Transport error: Communication failure (FWM 00001) when logging onto BusinessObjects Enterprise using .NET web application

1638962 - Error: Transport error: Communication failure.(FWM 00001)

1477479 - Error Failed to find an available Report Application Server when using ReportAppFactory.OpenDocument() to open a report using RAS on non-default node