Troubleshooting DMZ Gateway Communication
Various configurations can prevent the server and DMZ Gateway from communicating. For example, if the DMZ Gateway computer's firewall is blocking connections, the server will not be able to connect to DMZ Gateway.
If the status icon in DMZ Gateway does not change color to green indicating a successful connection, verify the following:
-
Verify that the services for the server and DMZ Gateway are started.
-
If you make changes in DMZ Gateway, make sure to click Apply Changes. If necessary, in the server, stop and then restart the service (and/or the Site in EFT) after making changes.
-
If you made configuration changes in EFT, especially connection settings (protocols allowed, ports, etc.), make sure to stop and then restart the EFT service. Once restarted, make sure EFT is running (listening for new connections) and that DMZ Gateway remains enabled.
-
Verify that the IP address for the server is not blocked in DMZ Gateway's IP Access Exception list. By default, all IP addresses are granted access until you block or allow specific addresses. (Refer to Controlling Access by IP Address for the procedure for blocking/unblocking IP addresses.)
-
Verify that the DMZ Gateway settings in the server have the proper IP address and port and that the allowed protocols and ports have been defined for allowed incoming client connections.
-
Try pinging from the server computer to the DMZ Gateway computer and from the DMZ Gateway computer to the server computer. If you cannot connect, verify that there is no firewall that would block connections.
If a connection between the server and DMZ Gateway is indicated, but clients cannot connect to the server through DMZ Gateway:
Verify that you can connect to the server using a client account from within your network.
If connection is successful, but clients cannot connect through DMZ Gateway, something is not configured properly in the DMZ Gateway settings, either in DMZ Gateway or in the server. Verify that the server and DMZ Gateway are connected (see above) and that, in the server <--> DMZ Gateway configuration settings, the correct protocols and ports are specified for incoming client connections to the Gateway. These are the ports on which external clients will connect to DMZ Gateway. If no protocol is enabled or the wrong port is defined, clients will not be able to connect.
If connection fails, there is a configuration issue in the server. Review your configuration of user accounts and connection settings.