MSMQ outside own Network
mathiaslindahl
Member Posts: 4
Hello!
My problem is that I cant send/receive message with MSMQ to a remote computer located outside our firewall. I try to send with TCP and HTTP without being able to get connected, computer or queue can't be find. Using Navision 4sp3. This is the code:
CREATE(ComCom);
CREATE(MSMQ);
ComCom.AddBusAdapter(MSMQ,1);
MSMQ.OpenReceiveQueue'DIRECT=TCP:212.112.162.xyz:1801/private$\TestQ',0,0);
OR
MSMQ.OpenReceiveQueue'DIRECT=HTTP://stefmkwe.d3g.com/private$\testq',0,0);
Ports are opened in our firewall (135,1801,2101-2105 and 3527).
Happy to receive any tips!
/M
My problem is that I cant send/receive message with MSMQ to a remote computer located outside our firewall. I try to send with TCP and HTTP without being able to get connected, computer or queue can't be find. Using Navision 4sp3. This is the code:
CREATE(ComCom);
CREATE(MSMQ);
ComCom.AddBusAdapter(MSMQ,1);
MSMQ.OpenReceiveQueue'DIRECT=TCP:212.112.162.xyz:1801/private$\TestQ',0,0);
OR
MSMQ.OpenReceiveQueue'DIRECT=HTTP://stefmkwe.d3g.com/private$\testq',0,0);
Ports are opened in our firewall (135,1801,2101-2105 and 3527).
Happy to receive any tips!
/M
It'd be very quiete in the forest if only the best birds were singing.
0
Comments
-
If the server outside the firewall is a stand-alone server, then you must hack the registry on that server to allow workgroup mode access to MSMQ:
Message Queuing 3.0 cross-forest clients on Windows Server 2003 family computers in non-trusted domains will use the secure remote read interface. By default, the Message Queuing 3.0 server requires domain clients to establish an encrypted channel, and such a channel cannot be established between non-trusted domains. Thus remote read requests from such clients will be rejected. To modify this default behavior and allow the Message Queuing server to accept domain clients that do not establish an encrypted channel, create a DWORD value Security\NewRemoteReadServerAllowNoneSecurityClient in the registry and set it to 1.0 -
I'm pretty sure ComCom and the MQBA only work with private queues. You could program C/AL directly on the MSMQ object model though, so if you know how to do that in VB or C# it should not be a big deal implementing that in NAV.0
-
I tried to enter the DWORD-value in the HKEY_Local_Machine\Security, but it's not possible to write anything there. "Cannot create value: Error writing to the registry" . So I guess it's a dead-end.
/Mkajnn@wmdata.com wrote:If the server outside the firewall is a stand-alone server, then you must hack the registry on that server to allow workgroup mode access to MSMQ:
Message Queuing 3.0 cross-forest clients on Windows Server 2003 family computers in non-trusted domains will use the secure remote read interface. By default, the Message Queuing 3.0 server requires domain clients to establish an encrypted channel, and such a channel cannot be established between non-trusted domains. Thus remote read requests from such clients will be rejected. To modify this default behavior and allow the Message Queuing server to accept domain clients that do not establish an encrypted channel, create a DWORD value Security\NewRemoteReadServerAllowNoneSecurityClient in the registry and set it to 1.It'd be very quiete in the forest if only the best birds were singing.0 -
mathiaslindahl wrote:I tried to enter the DWORD-value in the HKEY_Local_Machine\Security, but it's not possible to write anything there. "Cannot create value: Error writing to the registry" . So I guess it's a dead-end.
/Mkajnn@wmdata.com wrote:If the server outside the firewall is a stand-alone server, then you must hack the registry on that server to allow workgroup mode access to MSMQ:
Message Queuing 3.0 cross-forest clients on Windows Server 2003 family computers in non-trusted domains will use the secure remote read interface. By default, the Message Queuing 3.0 server requires domain clients to establish an encrypted channel, and such a channel cannot be established between non-trusted domains. Thus remote read requests from such clients will be rejected. To modify this default behavior and allow the Message Queuing server to accept domain clients that do not establish an encrypted channel, create a DWORD value Security\NewRemoteReadServerAllowNoneSecurityClient in the registry and set it to 1.
Key isn't in HKEY_Local_Machine\Security but in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\NewRemoteReadServerAllowNoneSecurityClient
Read http://msdn2.microsoft.com/en-us/library/ms699854.aspx0
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 617 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 320 Dynamics CRM
- 111 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 990 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 35 Design Patterns (General & Best Practices)
- 1 Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1.1K General Chat
- 1.6K Website
- 83 Testing
- 1.2K Download section
- 23 How Tos section
- 252 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions