Search

GlobalSCAPE Knowledge Base

Overriding the default Network Access Policy Exception limit in DMZ Gateway

Last Year
Karla Marsh
DMZ Gateway

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • DMZ Gateway version 3.0.0 and later

DISCUSSION

By default, DMZ Gateway limits the number of network access policy exceptions that may by defined in both the “grant” and “deny” exception lists.

  • In DMZ Gateway version 3.0.0 the limit defaults to 100 per list.

  • In DMZ Gateway version 3.1.0 and above the limit defaults to 1000 per list.

 You can override the default limit by editing a system property, as described below.

Description: icon_info.gif GlobalSCAPE Quality Assurance tested the system with the default setting; changing this setting from the default may cause as yet unknown issues.

To override the default setting:

  1. Open the file <InstallDir>\conf\DMZGatewayServerService.conf in a text editor.
  2. Locate the “Additional Java Parameters” section, which will be similar to the following text:

    3. # Additional Java parameters. Add parameters as needed starting from 1.

    # By default, use the server Virtual Machine.

    wrapper.java.additional.1=-server

    wrapper.java.additional.2=-DDMZSharedConfigurationDirectory=%DMZ_SHARED_CONFIG_DIRECTORY%

    wrapper.java.additional.2.stripquotes=TRUE

    wrapper.java.additional.3=-Djava.ext.dirs=bin/jre1.6.0_24/lib/ext

  3. Add the following line at the end of the section:

    4. wrapper.java.additional.<Index>=-DNetworkAccessPolicyExceptionLimit=<New Limit>

    Where “<Index>” is 1 more than the index number in the previous line and “<New Limit>” is the desired network access policy acception limit. For example:

    # Additional Java parameters. Add parameters as needed starting from 1.

    # By default, use the server Virtual Machine.

    wrapper.java.additional.1=-server

    wrapper.java.additional.2=-DDMZSharedConfigurationDirectory=%DMZ_SHARED_CONFIG_DIRECTORY%

    wrapper.java.additional.2.stripquotes=TRUE

    wrapper.java.additional.3=-Djava.ext.dirs=bin/jre1.6.0_24/lib/ext

    wrapper.java.additional.4=-DNetworkAccessPolicyExceptionLimit=2500

    Will set the network access policy exception limit to 2500 entries per list.

  4. Save your changes.
  5. Restart the DMZ Gateway Server Windows Service.
  6. To verify that the changes have taken effect, open the file <InstallDir>\logs\DMZGatewayServer.log and locate the most recent log message containing the text "Number of network access policy exceptions is limited to:" This line will display the active network access policy exception limit.
Share Article

On a scale of 1-5, please rate the helpfulness of this article



Not Helpful
Very Helpful
Optionally provide additional feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: Last Year
Last Modified By: kmarsh
Type: HOWTO
Article not rated yet.
Article has been viewed 8.1K times.
Options
Print Article
Export As PDF
Also In This Category
Customer Support Software By InstantKB 2020 Final
Execution: 0.000. 8 queries. Compression Disabled.