ArcSDE services inside a firewall

To provide access to an ArcSDE service inside a system security firewall, the host computer on which ArcSDE is installed should be listed in your domain name server (DNS) database. The DNS must be registered with your Internet service provider (ISP) or directly with Network Solutions (formerly called InterNIC), the organization that registers Internet domain names.

Your DNS resolves the Internet Protocol (IP) address of your computer to the name, or universal resource locator, you want to make accessible to the Internet. In most cases, you will have more machines within your local network than you will have Internet IP addresses for. In this case, you would maintain your own set of internal IP addresses known only to your local area network (LAN). Your firewall, or proxy server software, will translate your internal IP addresses to Internet IP addresses when you access computers outside your LAN.

Since ArcSDE services listen for connections on a Transmission Control Protocol/Internet Protocol (TCP/IP) port number that corresponds to your service name, you must also add the TCP/IP port number to the computer's host name when connecting to it.

For ArcSDE applications built with the ArcSDE C application programming interface (API), the host must always be specified using host name.

For ArcSDE Java applications, you can specify an ArcSDE host name in two ways. You can either use the DNS name, if it is available, or you can connect to it directly using its Internet IP address.

The giomgr process bequeaths the port number to the gsrvr process following a successful connection. Therefore, all communication to the ArcSDE service occurs on the same TCP/IP port number.

If you cannot connect to an ArcSDE service through a firewall, test the accessibility of the remote ArcSDE host with your Internet browser by specifying either the server name and TCP/IP port number or the IP address and TCP/IP port number as the URL.

The correct syntax is as follows:

<server name>:<port number>
<IP address>:<port number>

Tip

You can add the server name and IP address of the ArcSDE server to the systems host file of the connecting machine, allowing it to identify the server even when the firewall has blocked the lookup of the server name and IP address.


8/19/2013