Sage ports for GSA access

Solved

All of the instructions I can find for Sage and firewall access point to unblocking program locations and names. I cannot find any solid information on the actual ports that Sage uses. The reason I'm looking for this information is to attempt to deliver this program through Microsoft's Global Secure Access, which uses NLA to redirect port traffic when on authorized devices.

From what I can gather, the main program itself uses whatever port you define when you set it up (defaults to 10000) and Crystal uses port 20222. Opening these ports allows the main program to open and log in, and printing reports also works. However, it seems like every other module within Sage tries to open up a random port in the 65000 range when launched. I've attempted to launch multiple modules and gotten the telltale "Connection failure to host: [TCP] <servername>;<port>:NODELAY;STREAM" error. Even trying to launch the same module multiple times gives a different port number each time.

Is this the expected behavior for Sage modules?  Is there a defined range that these ports will attempt to connect through?  Is there any way to define these ports?  I'm guessing this is the reason why all firewall documentation insists on process unblocking rather than port unblocking, but GSA does not operate this way.  

Any help or expertise would be greatly appreciated!  

  • 0

    In the Sage Knowledgebase (accessible via https://communityhub.sage.com/global-resources/), there is the general article "How to configure Windows Firewall for Sage 100 Advanced and Premium (with video)" (solution ID 220924460105259).

    Regarding your question on the specific ports list for the pvxwin32.exe and pvxwin64.exe processes (32-bit Sage 100 and 64-bit Sage 100), the Sage Knowledgebase article 'Error: "Connection failure to host: [TCP]server:port number:NODELAY;STREAM"' (currently, article solution ID 222924450019875) lists the ports below:

    "If error occurs with all tasks and the port number in error is random port number from 49152 - 65535, then program process Inbound Rules needs to be created on the Windows Server under Windows Firewall Advanced Security."

    The full article reads:

    Error: "Connection failure to host: [TCP]server:port number:NODELAY;STREAM" occurs when accessing and processing in any application module or task window in Sage 100.

    Cause

    • Firewall rules are not properly set for the Sage 100 program; see "How to configure Firewall for Sage 100 Advanced and Premium"
    • The service may be corrupt or another application is using the same port number as Sage 100 ERP.
    • The root cause is often due to a problem with the network environment. The suggested resolutions are potential workarounds.

    Resolution

      CAUTION: This solution requires advanced knowledge of Windows security and network settings. Sage isn't responsible for any issues that arise from changes to these settings. Ensure you back up all system and application databases necessary for a complete restoration. It's advisable to contact a certified consultant or your system administrator for assistance.

    It is also possible to get "NODELAY;STREAM" error if Sage 100 Application Server Configuration - Server tab - has the "CmdAsUser" checkbox. If this is selected, uncheck this checkbox and select Apply to save the settings and then Exit.

    Warning: changing settings may require stopping and starting the Application Server service which would disconnect Sage 100 users.

    To resolve these issues, try the following potential resolutions or workarounds. Note: The issue may be due to network/environmental problems, Sage 100 Customer Support cannot guarantee resolution. Sage 100 Customer Support is not responsible for troubleshooting network or environmental issues!

    If error occurs with all tasks and the port number in error is random port number from 49152 - 65535, then program process Inbound Rules needs to be created on the Windows Server under Windows Firewall Advanced Security.

    • Set Inbound Rules
      1. Open Administrative Tools, Windows Firewall with Advanced Security console
      2. In the left pane of the console, select Inbound Rules
      3. Right-click select New Rule
      4. Select Program click Next
      5. Select "This program path:" and browse to \..\mas90\home\pvxwin32.exe (i.e. C:\Sage\MAS90\Home\pvxwin32.exe) on server, or \..\mas90\home\pvxwin64.exe for 64-bit installations of Sage 100
      6. Select Next until you get to the "Specify the name and Description of this Rule" screen
      7. Enter name for Inbound Rule
      8. Select Finish

    If using the Client/Server ODBC Driver in Sage 100 Advanced, follow the steps below:

    1. In the left pane of the console, select Inbound Rules
    2. Right-click select New Rule
    3. Select Program click Next
    4. Select "This program path:" and browse to \..\mas90\Home\pvxiosvr.exe (i.e. C:\Sage\MAS90\Home\Pvxiosvr.exe) on server
    5. Select Next until you get to the "Specify the name and Description of this Rule" screen
    6. Enter name for Inbound Rule
    7. Select Finish

    To remove corruption from the Sage 100 service, disable and reinstall the service. Then create new files:

    • To uninstall the Sage 100 ERP service:
      1. From the Windows desktop on the Sage 100 server, click the Start button. On the Programs menu, point to Sage Software, and then click Uninstall Application Server Service.
      2. In the Service field, select the service, and then select the port of the service.
      3. Click the Remove button.
      4. Click Yes to confirm.
    • To reinstall the Application Server Service:
      1. From the Windows desktop on the Sage 100 server, click the Start button. On the Programs menu, point to Sage Software, and then click Application Server Service Setup.
      2. Select the path to the Sage 100 folder
      3. Click OK to add the service.
    • Note: The service is added based on the settings on the Server tab of Application Server Configuration.

    To refresh the Application Server Configuration files in case they were corrupted:

    1. Stop the Application Server and close the Application Server Configuration application.
    2. On Server go to the Task Manager and kill all PVXWIN32.exe's.
    3. On the Sage 100 server, rename the following files:
      • ..\MAS90\MAS_System\SY_Console.m4t
      • ..\MAS90\MAS_System\SY_Workstation.m4t
      • ..\MAS90\Home\Lib\_Appserv\Locate.pvk
      • ..\MAS90\Home\Lib\_Appserv\Sessions.pvk
    4. Go to All Programs and find the Application Server Configuration and Open it, once it has created the files you can close it.
    5. Restart the Application for Sage 100 ERP Advanced or Premium
      1. From the Windows Desktop at the Sage 100 ERP server, click Start
      2. On the Programs menu, point to the Sage Software or Sage program folder
      3. Select Application Server Configuration
      4. Click the Server tab. Clear the KeepAlives check box
      5. Click the Clients tab. On the Re-Connect list, select None
    • Note: New Locate.pvk and Sessions.pvk files are created when the Application is restarted. If Sage 100 is normally run as a Service, start the Application first and follow the steps above, then make sure at least one user can log in. Then have that user log out and stop the Application, then Start the Service and allow users to log in.
    • Note: If there is on-going network corruption, then these refreshed files may become corrupted again.

    If problem continues, consider changing the port number:

    1. At the Sage 100 ERP server, set the service to Manually Start.
    2. From the Windows Desktop on the Sage 100 server, click Start. On the Programs menu, point to Sage Software or Sage program folder, then click Application Server Configuration.
    3. Click the Server tab. In the Sockets field, change the socket number to any unused number between 9,000 and 10,000. (If using a firewall, make sure the port is not blocked.)
    4. Click the Start button
    5. If the service starts and runs as an application on the new port number, remove the previous service, and create a new one with the new port number.
      • Remove the original service using Uninstall Application Server Service.
      • Create a new service using Application Server Service Setup

    If the message is occurring only for specific users:

    1. Have all users exit Sage 100.
    2. Log on to Sage 100 as Administrator.
    3. From Administrative Tools, select User Maintenance.
    4. Select the first user, and click the Preferences tab.
    5. Select the Spawn Tasks from Application Server check box and click Accept.
    6. Proceed for remaining users.
    7. Click Done.

    If Sage 100 Advanced or Premium is running as a Service, try running Sage 100 as an Application instead:

    1. Stop the Sage 100 service (in Windows, Control Panel, Administrative Tools, Services)
    2. On the Sage 100 server from the Windows Task bar, click Start, Program Files, Sage, Application Server Configuration.
    3. Click Start
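
The "Set Inbound Rules" wizard steps quoted in the reply above, in scripted form. This is an added example, not code from the Sage article or from the poster; the default `$SageHome` value is the article's own example path, and the rule display names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: creates the per-program inbound rules the quoted article describes.
param(
    # Assumption: the article gives C:\Sage\MAS90\Home only as an example location.
    [string]$SageHome = 'C:\Sage\MAS90\Home'
)

# Executables named in the article: the Sage 100 host process (32- and 64-bit)
# and the Client/Server ODBC driver host.
$programs = 'pvxwin32.exe', 'pvxwin64.exe', 'pvxiosvr.exe'

foreach ($exe in $programs) {
    $path = Join-Path $SageHome $exe

    # Only create a rule for a binary that is actually installed, so no
    # allow rule is left pointing at a path something else could later occupy.
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        Write-Warning "Skipping $exe (not found at $path)"
        continue
    }

    # Hypothetical display name; the article leaves the name to the administrator.
    $name = "Sage 100 inbound - $exe"

    # Re-running the script must not stack duplicate rules.
    if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) {
        Write-Host "Rule already present: $name"
        continue
    }

    # Program rule, inbound, allow: the choices the wizard steps walk through.
    New-NetFirewallRule -DisplayName $name `
                        -Direction Inbound `
                        -Program $path `
                        -Action Allow | Out-Null
    Write-Host "Created: $name -> $path"
}

# Review what now exists: rule name, state, and the program each rule is bound to.
Get-NetFirewallRule -DisplayName 'Sage 100 inbound - *' -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Rule    = $_.DisplayName
            Enabled = $_.Enabled
            Program = ($_ | Get-NetFirewallApplicationFilter).Program
        }
    }
```
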
  • 0 in reply to DGR

    Yes, I saw that article. My question wasn't how to get it to work through a firewall, GSA is not a firewall, it's a port redirection. GSA does not work at a process or application level, only at a port level, so my question was if there was any way to define these ports rather than have the Sage client simply pick one at random between 49152 - 65535 every time it wants to open a module, or if this is simply how Sage inherently works, making it incompatible with GSA.

  • +1
    verified answer

    For anyone else searching for information on Sage and how it interacts with Global Secure Access- I was able to make it function by allowing ports 10000, 20222, and 49152 - 65535.  However, the latency between Sage and the end user clients made the experience basically unusable for two main reasons;  

    1- GSA does a user authentication with every new port request, and while this is invisible to the user, the amount of information that needs to exchange to secure a new connection every time you open a module or send a request through a new port (which is almost every time Sage opens a new window) is insane. 

    2- Sage has gotten better at only sending the amount of a table or requested information through with a request, but it will download the entire range rather than only the selected range often enough to make it take forever for even simple requests.  

    It seems that until Sage engineers do more work to make it more deliverable friendly, RDS or VPN access continues to be the only way to deliver Sage to remote users in a usable fashion.
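
A way to check, on the Sage 100 server, which listening ports the Sage processes actually hold and how they map to the three port sets the answer above opened in GSA. This is an added example, not part of the original thread; it assumes the per-module ports are listeners owned by pvxwin32.exe or pvxwin64.exe on the server (the processes the quoted article creates inbound rules for), and `Get-SagePortClass` is a hypothetical helper name.

```powershell
# Added example: run on the Sage 100 server while users have modules open.
param(
    # The thread says the main port is whatever was chosen at setup (default 10000).
    [int]$MainPort = 10000,
    # Crystal port reported in the thread.
    [int]$CrystalPort = 20222
)

function Get-SagePortClass {
    param([int]$Port)
    if     ($Port -eq $MainPort)                     { 'main' }
    elseif ($Port -eq $CrystalPort)                  { 'crystal' }
    elseif ($Port -ge 49152 -and $Port -le 65535)    { 'random range 49152-65535' }
    else                                             { 'NOT in the opened port sets' }
}

# Sage host processes named in the quoted article.
$sage = Get-Process -Name pvxwin32, pvxwin64 -ErrorAction SilentlyContinue
if (-not $sage) {
    Write-Warning 'No pvxwin32/pvxwin64 process is running on this machine.'
    return
}

# Listening sockets owned by those processes, one row per distinct port.
$rows = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $sage.Id -contains $_.OwningProcess } |
    Sort-Object LocalPort -Unique |
    ForEach-Object {
        [pscustomobject]@{
            Port    = $_.LocalPort
            Address = $_.LocalAddress
            PID     = $_.OwningProcess
            Class   = Get-SagePortClass -Port $_.LocalPort
        }
    }

$rows | Format-Table -AutoSize

# Summary: how many distinct ports fall in each class. A count of random-range
# ports that keeps changing between runs matches the behaviour reported in the
# thread and shows why a port-level rule has to cover the whole range.
$rows | Group-Object Class | Select-Object Name, Count | Format-Table -AutoSize
```
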