Windows XP Service Pack 2 closes ports by default which can cause errors in LANSA applications and products

Date:Archived
Product/Release:All LANSA products accessing a LANSA Data/Application Server
Abstract:Possible errors in LANSA products and applications after applying Windows XP Service Pack 2
Submitted By:LANSA Technical Support

Service Pack 2 (SP2) for Windows XP due for general release in August 2004. LANSA has been actively involved in early release testing of SP2. The information listed below is based on the results of this early release testing, using Release Candidate 1 (RC1). Note that SP2 is scheduled for GA release in August 2004, it is possible that further issues will be raised by the GA version of SP2. LANSA will endeavor to test and issue updated information as soon as possible after completing testing with the GA release of SP2.

Microsoft have implemented various changes to Windows XP in Service Pack 2 (SP2). SP2 contains changes mainly in the area of security. Some of the scheduled changes are in the area of closing ports that are currently open by default. The changes will impact your LANSA applications and LANSA products due to ports no longer being available for use following an install of SP2.

Please refer to the following link for more information concerning Service Pack 2 www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx and in particular, the section titled Security Information for Windows XP Service Pack 2.

Customers with LANSA for the Web and Visual LANSA production systems in a Windows environment should be aware of the changes introduced by SP2 and what affect they may have on their LANSA applications prior to applying the Service Pack.

The main points to be aware of in SP2:

  1. When XP Service Pack 2 is installed, a new Windows Firewall is enabled.
  2. This firewall disables all ports.
  3. Programs which communicate with 'the outside world' need to be added to the list of exceptions.

For any PC with Windows XP that has SP2 applied to it:

  1. Visual LANSA Server Installation
    • Firewall will block the ASA Database Engine during the install
    • The following security alert will be generated, to which the user must provide a response:

      To help protect your computer, Windows Firewall has blocked this program from receiving unsolicited information from the Internet or the network
      Name: Adaptive Server Anywhere Database Engine
      Publisher: iAnywhere Solutions Inc/
      o Unblock this program
      o Keep blocking this program
      o Keep blocking this program, but ask me again later

       
    • User will need to select Unblock for installation to continue
       
  2. Visual LANSA Network Client
    • After installing Visual LANSA network client, attempting to connect to the Visual LANSA Server will fail.
    • Error message Database Server not found is displayed when attempting to connect from LANSA.EXE shortcut or from the ODBC test connection dialog.
    • ASA Sybase Server Engine dbsrv8.exe must be added to program exception list in Firewall settings on the PC that has SP2 applied.
    • Default database server engine TCP/IP port 2638 must be added to list of enabled ports on the PC that has SP2 applied.
    • In case of multiple Visual LANSA systems, each ASA TCP/IP port must be enable.
       
  3. Web Administrator/Web Editor
    • Connecting to Visual LANSA Data/Application server using Web Administrator from network PC will fail. Error code 0x14 is generated, indicating that the server cannot be located.
    • To use the LANSA for the Web Administrator or Editor, the Listener port 4545 must be added to list of enabled ports on the PC that has SP2 applied.    
       
  4. XSL Editor
    • To use Remote Debugging for WAMs, the Remote Debug host, as specified in the XSL editor under Options from the Tools menu (and port if specified) must be enabled in the Windows Firewall for it to be used for the listener. Refer to the XSL Editor, and select Options from the Tools menu. If no port is specified, the default is 4545 and this port would need to be enabled in the Windows Firewall (refer to picture 2 below).
       
  5. LANSA Web Server
    • After configuring the Web Server using port (NN) within the Web Administrator, connection to the Visual LANSA Data/Application server via the LANSA for Web application will fail.
    • To use LANSA for the Web, the chosen port (NN) must be added to list of enabled ports on the PC that has SP2 applied, default is 80.
       
  6. LANSA Client
    • To use LANSA Client, the Listener port (Default port 4545) must be added to list of enabled ports on the PC that has SP2 applied.
       
  7. LANSA Integrator
    • Attempt to install Sun Java 1.4.2_03 was unsuccessful - message Service Pack prevent installation.
    • Sun Java version 1.4.0 can be installed
    • Starting JSM Administrator produced Security Alert. User will need to unblock Java.
    • Ports 4560 and 4561 must be added to list of enabled ports on the PC that has SP2 applied.
    • If backlog required, port 20 must be added to list of enabled ports on the PC that has SP2 applied

Windows Firewall:

Windows Firewall Screen

Windows Firewall Screen 2