Specifying the Listening IP Address

Specifying the Listening IP Addresses

For each DMZ Gateway Profile, you specify 2 IP addresses:

One address is used by client programs to connect. This is typically an external-facing address. When a Site configured at a peer server connects to the DMZ Gateway over the PNC, the DMZ Gateway reads the list of client ports configured in the Site. These ports are then combined with the client IP Address and it is on these client IP address/Site port combinations that the DMZ Gateway will listen for client connections.
The other address specifies the IP address on which to listen for connections from peer servers. The communications established using this address is known as the Peer Notification Channel or PNC. Typically, this IP Address will be an internal-facing address. This address is combined with the configured port value and it is on this IP Address/port combination that the DMZ Gateway will listen for connections from peer servers.

If you are using the Accelerate module in EFT, you should also specify the Listening IP for Acceleration.

Each address is configured by selecting the IP address to use from a drop-down list. The list of IP addresses includes all IPv4 and IPv6 addresses present on the computer. Additionally, the list includes an All Available setting for both IPv4 and IPv6. (IPv6 connections to DMZ Gateway are not supported on Windows Server 2003.)

In the Listening IP for incoming Clients box, click the down arrow to select one or more IP addresses for incoming clients. (Only the IP addresses defined on this computer appear in this box.) You can specify:

All Available (IPv4)—Listen for client connections on all IPv4 addresses.
All Available (IPv6)—Listen for client connections on all IPv6 addresses.
All Available (IPv4 and IPv6)—Listen for client connections on all IPv4 and IPv6 addresses.
A specific IP address—Listen for client connections on all on a specific IP address.

In the Listening IP for Server box, click the down arrow to select one or more listening IP addresses for the server. (Only the IP addresses defined on this computer appear in this box.) All Available means that DMZ Gateway will listen on the IP address/port combination ONLY IF that IP address/port combination is not already being used by another Profile. Profiles configured with an explicit IP address have precedence over Profiles configured with All Available. You can specify:

All Available (IPv4)—Listen for server connections on all IPv4 addresses.
All Available (IPv6)—Listen for server connections on all IPv6 addresses.
All Available (IPv4 and IPv6)—Listen for server connections on all IPv4 and IPv6 addresses.
A specific IP address—Listen for server connections on all on a specific IP address.

IMPORTANT: All Available means that DMZ Gateway will listen on the IP address/port combination ONLY IF that IP address/port combination is not already being used by another Profile. Profiles configured with an explicit IP address have precedence over Profiles configured with All Available.

What Does This Mean for the Peer Server Listeners?

Suppose you have three IP addresses on the computer: IP 1, IP 2, and IP 3, and you have two Profiles: Profile 1 and Profile 2.

Both Profiles are configured to use the same Peer Server Listener Port 54321.
Profile 1 is set to use All Available.
Profile 2 is set to use IP 2.

Profile 1 will listen on IP 1:54321 and IP 3:54321, and Profile 2 will listen on IP 2:54321.

Now, suppose you delete Profile 2, making IP 2:54321 available. The DMZ Gateway will detect this and update the communications listeners so that Profile 1 will now listen on IP 1:54321, IP 2:54321, and IP 3:54321.

What Does This Mean for the Client Listeners?

Suppose you have three IP addresses on the computer: IP 1, IP 2, and IP 3, and you have two Profiles: Profile 1 and Profile 2. Profile 1 is set to use All Available and Profile 2 is set to use IP 2.

Now suppose you have two Sites configured on EFT. Both Sites are configured to connect to the DMZ Gateway and use FTP port 21. Site 1 is set to connect to Profile 1, and Site 2 is set to connect to Profile 2.

Once both Sites are connected, the DMZ Gateway will establish client listeners for Site 1 on IP 1:21 and IP 3:21 (because Site 1 used Profile 1, which uses all available IP/port combinations not currently in use). For Site 2 the DMZ Gateway will establish a client listener on IP 2:21.

If Site 2 should disconnect for some reason (perhaps it was deleted), IP 2:21 is now considered available. The DMZ Gateway will detect this and update the communications listeners so that Profile 1 will listen for client connections on IP 1:21, IP 2:21, and IP 3:21.