Since the BES10 Service finally received the Version 10.1.1/2, the installation and configuration was anyways just only one big trouble.
Whilst people are now able to install everything whithout the modification of local TCP ports and additonal components, the BDS is running like a charm from scratch, als well as the UDS can be used without a big problem – if you’re able to connect the relevant machine directly to the Internet.
For everybody who has the requirement to go through a DMZ, the UDS does of course give you the possibility to connect through a “TCP Proxy” which would be obviously also located in you DMZ. So far, BlackBerry does not offer any option “out of the box” to implement such feature.
Since you might have already installed you dedicated BlackBerry Router on a Windows Server 2008 R2 in your DMZ, here is how you connect the UDS to it’s relevant components at the BlackBerry site:
1. On your BlackBerry Router server, please open a command prompt with adminstrative permission and enter the following command:
netsh interface portproxy add v4tov4 listenport=3102 listenaddress=10.10.1.45 connectport=3101 connectaddress=220.127.116.11
Please note, the IP mentioned for listenaddress is just an example and needs replacement by the one you are using on your BB RoutersServer. The connect address is the one you receive by doing a nslookup on de.bbsecure.com (in our case de.bbsecure.com) and requires also to be exchanged.
To make sure your setting is valid, please run “netstat -a” to see whether the server is now listening on port tcp 3102. There is no reboot required to enable it!
2. On your BlackBerry Router Server, go to the firewall settings and open port TCP 3102 for incoming connections.
3. On your Firewall to the DMZ, please open Port TCP 3102 directing to the IP you’ve set as the listenaddress in step 1.
4. On your UDS Server, open the hosts file and enter the following lines:
Same as before, the ip address must match to the one you are using on your BlackBerry Router server in the DMZ.
5. In the UDS Settings, please enter the following credentials into the “Secure TCP” Service field:
Same as before, please modify to your needs.
6. On your BlackBerry UDS Server, please restart the Service “Secure Connect”
7. Done. If you are now running the test to connect to the certificate Service, the green tick should appear and your ready to run your UDS Service through the BB Router Server in the DMZ.