AS2 on DMZ Server

The AS2 service on a DMZ server can be started locally (or not). The parameter handleAS2 in ./etc/startup_dmz.xml is to be set to true or false accordingly (see section Parameter‌s for Class 'CommunicationForwardManager‌').

• AS2 service started (handleAS2=true): AS2 messages are forwarded inwards as a message. If the inner server is (temporarily) not available, the messages are buffered (same for FTP, etc.).

• AS2 service not started (handleAS2=false): All AS2 HTTP requests are forwarded inwards and the inner Integration Server sends MDNs and messages. The file ./etc/forward.properties on the DMZ server needs to contain the following for AS2 forwarding.

  /partner/*=http://<inner server and port>/partner

  or restricted:

  /partner/AS2Retrieve/*=http://<inner server and port>/partner/AS2Retrieve

The forwarding for path /partner/... via the HttpForwardServlet is set up when the DMZ server is started if handleAS2=false and addStandardServlets=true. If during startup, handleAS2=true or addStandardServlets=false and the AS2 service is active, path /partner/... will be used by the AS2 service.

In principle, however, a subpath can also be set up under context /forward for forwarding the AS2 requests, which can always be used independently of addStandardServlets and handleAS2. See also section Forwarding HTTP Requests Inwards. In this case, no active AS2 service is required on the DMZ server, because the AS2 requests are passed on to the internal server.

It is also possible to connect individual partners via forwarding of the HTTP(S) request and others via the AS2 service on the DMZ server. To do so, you can start the AS2 service on the DMZ server, set handleAS2=true and additionally set up the following in file ./etc/forward.properties:

Partners that connect to path /partner/AS2Retrieve/ are accepted on the DMZ server. If they connect to path /forward/AS2Retrieve/, they are forwarded to the internal AS2 service.