|Applies To||RSA Authentication Manager|
UNIX (AIX, HP-UX, Solaris)
|Issue||How to administer RSA ACE/Server & RSA Authentication Manager passing through a firewall|
Cannot connect RSA ACE/Server & RSA Authentication Manager through the firewall to perform Remote Administration
Unable to connect to log database. Please be sure that the database broker is running on host ... and that the service SDLOG is properly defined in your local SERVICES file.
|Resolution||The default number of concurrent remote administration sessions supported is 32. Be sure to close the Database Administration session after completing your work.|
Remote administration uses TCP, which opens two ports for each remote administration session running on your RSA ACE/Server. You can limit the number of ports that can be opened at the same time (and thereby limit the number of remote administration sessions that can run at the same time) by specifying a range of port numbers that can be used for remote administration connections.
To specify a range of port numbers:
1. Stop the Master RSA ACE/Server and database brokers. On a UNIX machine, type the following lines at the command line:
On a Windows NT machine, use the Control Panel applet.
2. In the ace\rdbms32 directory (Windows NT) or ace/rdbms directory (UNIX), make a backup copy of the startup.pf file. Name it startup.old.
3. Open the startup.pf file in a text editor, and add the following lines to the end of the file:
-minport minimum port number
-maxport maximum port number
TCP does not use the port specified as the minimum port number. The first port used is always one greater than the specified minimum port number, so the range of ports specified must always include one more port than needed. If there are 10 remote connections, 20 ports are needed and a range of 21 ports must be specified. For example, to use ports 3001 through 3020, add the following lines to the file:
NOTE: Make sure the range of port numbers specified does not include port numbers used by other services
For Windows NT users:
- Windows NT requires that the minimum port number be no less than 3000
- If the Progress Development Toolkit is used, the system may be using a startup.pf other than the one that shipped with RSA ACE/Server 4.1. In this case, RSA Security recommends that you edit both startup.pf files according to this procedure.
4. Restart the RSA ACE/Server
5. Open up the ports defined in the startup.pf file in addition to the 55xx ports (found in the services file on your RSA ACE/Server) in your firewall
For more information, see the solution regarding Error: "You have attempted to connect to a database with too many users" in RSA ACE/Server.
|Legacy Article ID||6.0.2974753.2885112|