Results 1 to 4 of 4

Hi, I am trying to get a BES running behind a corp firewall which will ... Server Admins forum

  1. #1
    dagopher's Avatar
    dagopher no está en línea Stack level 1
    Join Date
    Dec 2006

    Smile BES behing firewall



    I am trying to get a BES running behind a corp firewall which will not allow the opening of port 3101.

    I am hopefull that there is a way around this as the paperwork to get the port open is immence and a rather frustrated process.

    Any help would be appreciated.


  2. #2
    Rcbjr's Avatar
    Rcbjr no está en línea Stack Pro
    Join Date
    May 2006
    PM - Ask
    dagopher, Welcome to PinStack.

    Not the BES Expert, but wanted to welcome you and to bump this up on the New Posts list so it might draw more help.

    Let us know if there is anything else we can do to help with your BB.

    You Ask, We Will Answer
    Can’t Install theme via DM?No Additional Apps Found for Your Device
    Links to Usefull KB Articles

  3. #3
    dkozinn's Avatar
    dkozinn no está en línea Stack level 3
    Join Date
    Oct 2006
    Although we have a couple of dozen production BES servers in our environment, I recently went through the process of setting up a server in one of our labs to do some testing. I faced the same issues as you (rather daunting paperwork to get the firewall ports open) and looked around for some way to proxy the requests through our existing internet proxy without success. (I finally bit the bullet and did the "paperwork" and got permission to get the ports opened.)

    RIM has been quite security concious, so the risk of opening that port is quite small. You may want to explain to "the powers that be" that the port only needs to be opened for connections that original from you BES server, on that one port, to the appropriate SRP addresses (there are currently two serving North America), which will allow the security folks to be pretty restrictive in what they have to open up. It may also help to point out that since the connections are always originated from your server, there is no need to have port 3101 open "inbound" to your environment, further minimizing the risk.

    Finally, you might want to grab some of the security-related whitepapers off RIM's website which explain their security model. Here's one link to some of them:

    Good luck!

  4. #4
    wizkid1981's Avatar
    wizkid1981 no está en línea BES Guru
    Join Date
    Jan 2007

    Re: BES behing firewall

    Port 3101 only needs to be open for outbound initiated bidirectional communication. This has no risk what so ever to your network.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts