Hi,
I am working in a project, whereas the EMS application need to be secured while communicating with NE. To make it secure, we have decided to go with stunnel and openSSL. I have following questions while using stunnel in my application:
1. I read that stunnel limits the number of clients to be connected to 125. Can I increase this number. If so, by increasing this number, what is the implication in performance of stuunel.
2. Since my EMS is capable of managing more than 1000 NEs, I would want to have multiple stunnel client running on the same workstation. Is this possible to have multiple stuunel process running on the same server. if so, how should my stunnle.conf file look like.
I appreciate greatly, If I could get the answers for the above queries.
Thanks and Regards,
Dinesh Wipro Technologies. Bangalore.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Montag 14 Februar 2005 23:28, Manila, Dinesh - Contractor wrote:
Hi,
I am working in a project, whereas the EMS application need to be secured while communicating with NE. To make it secure, we have decided to go with stunnel and openSSL. I have following questions while using stunnel in my application:
- I read that stunnel limits the number of clients to be connected to 125.
Can I increase this number. If so, by increasing this number, what is the implication in performance of stuunel.
- Since my EMS is capable of managing more than 1000 NEs, I would want to
have multiple stunnel client running on the same workstation. Is this possible to have multiple stuunel process running on the same server. if so, how should my stunnle.conf file look like.
That sounds like you need multiple (1000) services. stunnel is capable of binding to many different IPs and ports via services which can be defined inside stunnel.conf.
I again cite from my test stunnel.conf:
[pop3s] accept = 995 connect = 110
[imaps] accept = 993 connect = 143
[ssmtp] accept = 465 connect = 25
[s1] accept = 5000 connect = server1:110
[s2] accept = 5001 connect = server2:25
[s10000] accept = 10000 connect = 80
[10.1.1.100] accept = 10100 connect = 80
[client-10.1.1.101] accept = 10101 connect = 80
[Arbeitsstation-APC102] accept = 10102 connect = 80
Hope this cutout helps ...
I appreciate greatly, If I could get the answers for the above queries.
Thanks and Regards,
Dinesh Wipro Technologies. Bangalore.
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
- -- Heiko Nardmann (Dipl.-Ing. Technische Informatik) secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de), Weidenauer Str. 223-225, D-57076 Siegen Tel. : +49 271 48950-13, Fax : +49 271 48950-50
Besuchen Sie uns vom 10. - 16. März auf der CeBIT 2005 in Halle 7, Stand D38.
Informationen zu unseren CeBIT-Themen finden Sie unter www.secunet.com outbind://44/www.secunet.com - wir freuen uns auf das Gespräch mit Ihnen.
-
Manila, Dinesh - Contractor -
Nardmann, Heiko