HP Systems Insight Manager 5.2 Update 2 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for Linux

381

382

383

384

385

386

387

388

389

390

ProtocolPortDescription

HTTPTCP 2301HP SMH Web Server*

HTTPSTCP 2381HP SMH Secure Web Server*

HTTPSTCP 5989WBEM/WMI Mapper Secure Port+

The following outbound ports must be open to allow communication between a managed system and the

Central Management Server. Not all firewalls on managed systems block outbound requests.

ProtocolPortDescription

SNMPUDP 162SNMP Trap

HTTPSTCP 50004WBEM/WMI Mapper Secure Port+

* If the system is not being managed from HP SIM, only ports 2301 and 2381 must be configured to enable

browser access to System Management Homepage.

** Usage is configurable in HP SIM and Internet Control Message Protocol (ICMP) echo is used by default.

+ Only open port 5989 and 50004 on a Windows system if the WMI mapper is installed.

++ Only open port 22 if OpenSSH is installed.

See the

Understanding HP SIM 5.0 security

white paper at http://h18013.www1.hp.com/products/servers/

management/hpsim/infolibrary.html for more information.

Configuring the firewall

Configuring the firewall on a Windows system

The following steps describe how to configure the Microsoft Windows firewall on a managed server. If a

firewall from a different vendor is used, then you must follow the instructions from your vendor, open the

inbound, and possibly the outbound, ports from the table above, and enable remote administrative access

through the firewall.

1. Select Start→Settings Control Panel.

2. Double-click Windows Firewall to configure the firewall settings.

3. Select Exceptions.

4. Click Add Port and add the ports from the inbound table above.

a. In the Name field, enter the protocol.

b. In the Port number field, enter the port number.

c. Click OK to save your settings and close the Add a Port dialog box.

5. Enable file and print sharing.

a. Select File and Print sharing.

b. Click OK.

6. Click OK to save your settings and close the Windows Firewall dialog box.

7. Enable Remote Administration Exception:

a. In the Control Panel, open the Group Policy editor.

b. Select Computer Configuration→Administrative Templates→Network→Network

Connections→Windows Firewall→Domain Profile→Enable the Windows Firewall: Allow

Remote Administration Exception.

Configuring the firewall on an HP-UX system

The HP-UX IPFilter firewall is included with HP-UX 11iv2 and might need to be installed on earlier versions

of HP-UX. To configure the firewall, a firewall rule-set must be added to the /etc/ipt/ipf/ipf.conf

file and the openings for the ports in the table above must be added. See the ipf(5) manpage for details on

the file format. See the ipf(8) manpage for instructions on enabling the firewall.

Alternatively, HP-UX Bastille can be used to create and enable the firewall configuration. Simply add the

ipf-formatted firewall port-openings from the table above to the

Managing Communications 387