| | | | |

Scomis Hosted Application Connector – Connectivity Requirements

Connectivity Requirements

The connector will work from any internet connection with the exception of a few countries such as China which are blocked at our firewall

Bandwidth Requirements

For information on bandwith requirement please read teh following FAQ:
Scomis Hosted Application Connector / Scomis hosted SIMS – Bandwidth & Internet Connection Requirements

Testing Connectivity

Before deciding to log a change with your ISP there are three simple tests you can do to see if you already have the appropriate access, click on the links below, in each case a page should load with the Scomis logo.

If you or the company providing your filtering are doing SSL inspection/interception you need to check these sites bypass that.

You can verify this by browsing to the gateway addresses and checking the ssl certificate chain does not point to your filtering device, these are good examples:

gwgw-eclipse

 

If any links do not work you may need to request some or all of the changes detailed below, please contact the Scomis service desk if you need assistance with this.

 

Detailed Connectivity Requirements

Owner Rule
ISP Firewall Your school or home ISP firewall should allow direct connection to the following addresses:

  • gw.scomis.org (217.179.30.30) on TCP port 443.
  • gw-swgfl.rdp.scomis.org (217.179.30.29 / 62.171.219.113) on TCP port 443. updated
  • gw-eclipse.rdp.scomis.org (109.176.0.61) on TCP port 443. updated
  • 2016gw-swgfl.rdp.scomis.org (109.176.0.56 / 62.171.219.118) on TCP port 443 new
  • simsts.scomis.org (109.176.0.58 / 62.171.219.116) on TCP port 443 new

These need to be clean connections bypassing any transparent proxies or other network filtering products.

If you are doing SSL inspection/interception you need to add the same addresses into your exclusion list so they are not intercepted.

You can verify this by browsing to the gateway addresses and checking the ssl certificate chain does not point to your filtering device, these are good examples:

gwgw-eclipse

In addition it is worthwhile adding ICMP (for ping) to aid troubleshooting though not necessary for the service to operate

School Firewall / Filtering If your school or home network has an outgoing firewall (e.g. Smoothwall, ISA, Untangle) you also need to enable direct connections to the following addresses:

  • gw.scomis.org (217.179.30.30) on TCP port 443.
  • gw-swgfl.rdp.scomis.org (217.179.30.29 / 62.171.219.113) on TCP port 443. updated
  • gw-eclipse.rdp.scomis.org (109.176.0.61) on TCP port 443. updated
  • 2016gw-swgfl.rdp.scomis.org (109.176.0.56 / 62.171.219.118) on TCP port 443 new
  • simsts.scomis.org (109.176.0.58 / 62.171.219.116) on TCP port 443 new

These need to be clean connections bypassing any transparent proxies or other network filtering products.

If you are doing SSL inspection/interception you need to add the same addresses into your exclusion list so they are not intercepted.

You can verify this by browsing to the gateway addresses and checking the ssl certificate chain does not point to your filtering device, these are good examples:

gwgw-eclipse

In addition it is worthwhile adding ICMP (for ping) to aid troubleshooting though not necessary for the service to operate

Windows Firewall If your local system has an outgoing firewall enabled you also need to enable direct connection to the same set of addresses

This can be done on the command line with the following commands

netsh advfirewall firewall add rule name=”_ScomisHostedapps-DefaultRoute” dir=out action=allow enable=yes profile=any remoteip=”217.179.30.30″

netsh advfirewall firewall add rule name=”_ScomisHostedapps-SWGfLRoute” dir=out action=allow enable=yes profile=any remoteip=”217.179.30.29″ updated

netsh advfirewall firewall add rule name=”_ScomisHostedapps-EclipseRoute” dir=out action=allow enable=yes profile=any remoteip=”109.176.0.61″ updated

Windows User Proxy settings It is not recommended to bypass your internet proxy settings, however doing so may improve performance or even provide access depending on your ISP.

Depending on your local network configuration a proxy exception may need to be added for gw.scomis.org, gw-swgfl.rdp.scomis.org & gw-eclipse.rdp.scomis.org into your exception list, either manually or by your network administrator.  Do not add https:/gw,scomis.org or *.scomis.org it simply needs to be gw.scomis.org, gw-swgfl.rdp.scomis.org, gw-eclipse.rdp.scomis.org updated

e.g.

exception

Window Machine Proxy Settings There should be no proxy exception for gw.scomis.org, gw-swgfl.rdp.scomis.org or gw-eclipse.rdp.scomis.org under the machine level proxy settings, verify this with “netsh winhttp show proxy” from a command prompt.  On a x64 machine run the same command from C:\Windows\SYSWOW64 where conflicting settings can sometimes be found.
Other connections The connector also connects to http://simsts.scomis.org to download any updates and http://status.scomis.org to update the service status messages but these work through the user proxy settings and do not need to be excluded from your filtering. This can be tested by browsing to:

http://status.scomis.org/hosted_options.php?serial=1

This should download a file called “hosted_options.ini” if it doesn’t then you may need to allow this site through your web filtering system.

 

kb11624

Reviewed 17/04/2020

How useful was this article?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

Similar Posts