Ports Used

Initial installation scans the following ports, and reports any conflicts for the following ports:

Database: 3306 or user-configured database host, if using MySQL server.

Application server: 8089, 8162, 8489 [HTTPS], 8082

Web Portal: 8080, 8443 [HTTPS]

SNMP: 161, 162

Syslog: 514

When installation encounters a conflict with any of the above ports, a panel appears displaying a warning and the ports in conflict. You can then elect to continue since you can change the application ports after installation. If your installation has no port conflicts, then no panel appears.

The installation scans TCP ports to detect potential conflicts. It does not scan UDP port conflicts including SNMP Ports 161 and 162. No SNMP or other applications should bind to UDP ports 161 and 162 since such bindings interfere with the application. If this conflict exists, the following error appears:

FATAL ERROR - Initializing SNMP Trap Listener

You may also sometimes configure port availability on firewalls. Sometimes, excluding applications from firewall interference is all that is required (see Ports and Application To Exclude from Firewall).

The following are some of the standard port assignments for installed components. These are often configurable (even for “standard” services like FTP or HTTP), so these are the typical or expected port numbers rather than guaranteed assignments. Also, see Protocol Flows for more about network connections. The JBoss directory’s number may vary with your package’s version; *.* appears rather than actual numbers below

Destination Port(s)

Service

File(s)

Notes

Used from Java Client

HTTP/S (Web Client)

80894

oware.webservices.port

[user.root]\oware\lib\owweb services.properties

appserver.

Note: this port was 80 in previous versions.

Yes

84894, 5, 7

org.apache.coyote.tomcat4.CoyoteConnector (Apache)

[user.root]\oware\jboss-*.*\server\oware\deploy\jbossweb-tomcat41.sar\META-INF\ jboss-service.xml

app/medserver, jmx console, and web services, including Axis2

No

Other Ports

n/a5(ICMP)

ping

 

MedSrv -> NtwkElement, NtwkElement -> MedSrv, ICMP ping for connection monitoring.

 

204, 5, 7 (TCP)

FTP Data Port

n/a

(Internally configurable), "MedSrv -> FTPSrv

NtwkElement -> FTPSrv"

 

No

214, 5, 7 (TCP)

FTP Control Port

n/a

(Internally Configurable) "MedSrv -> FTPSrv

NtwkElement -> FTPSrv"

 

No

224, 5, 7 (TCP)

SSH

n/a

MedSrv -> NtwkElement, secure craft access

 

No

234, 5, 7 (TCP)

Telnet

n/a

MedSrv -> NtwkElement, non-secure craft access

 

Yes

254, 5, 7 (TCP)

com.dorado.mbeans.OWEmailMBean (mail)

[user.root]\oware\jboss-*.*\owareconf\oware-service.xml

AppSrv -> SmtpRelay, communication channel to email server from Appserver

No

694, 5, 7 (UDP)

TFTP

n/a

(Configurable internally), MedSrv -> TFTPSrv

 

NtwkElement -> TFTPSrv

No

1614, 5, 7

(UDP)

com.dorado.media tion.snmp.request.listener.port (SNMP), oware.media tion.snmp.trap.forward ing.source.port

[user.root]\owareapps\ezmediation\lib\owmediation.properties

MedSrv -> NtwkElement, SNMP request listener and trap forwarding source

 

No

1624, 5 (TCP)

oware.media tion.snmp.trap.forwarding.des tination.port (SNMP)

[user.root]\owareapps\ezmediation\lib\ezmediation.properties change this property:

com.dorado.snmp.trap.listener.binding=0.0.0.0/162

NtwkElement -> MedSrv, SNMP trap forwarding destination port,

No

5144, 5 (UDP)

com.dorado.mediation.syslog.port (syslog)

 

To change the syslog port, add com.dorado.mediation.syslog.port=[new port number] to owareapps\installprops\lib\installed.properties

 

NtwkElement -> MedSrv (mediation syslog port)

No

18124, 7 (TCP)

RADIUS port (note, RADIUS is not supported in Open Manage Network Manager)

[user.root]\oware\jboss-*.*\server\oware\conf\login-config.xml

AppSrv -> RADIUS Srv, Appserver (RADIUS

client login enabled – optional)

No

5988, 5989

WBEM Daemon (5989 is the secure port) defaults

 

You can add ports and daemons in monitored services. These are only the default. WBEM requires one port, and only one, per daemon.

No

78002(TCP)

org.jboss.ha.frame work.server.ClusterPartition (JBOSS)

[user.root]\oware\conf\cluster-service.xml

disabled - see UDP for same, (JBOSS HA frame work server cluster partition) TCP only

No

8009 (TCP)

org.mort bay.http.ajp.AJP13Listener

[user.root]\oware\jboss-*.*\server\oware\deploy\jbossweb-tomcat41.sar\META-INF\ jboss-service.xml

Obsolete -- appserver

No

8083 (TCP)

org.jboss.web.WebService (JBOSS)

[user.root]\oware\jboss-*.*\owareconf\jboss–root-service.xml

not used (JBoss web services)

appserver

No

84432,4, 5, 7

org.apache.coyote.tomcat4.CoyoteConnector

[user.root]\oware\jboss-*.*\server\oware\deploy\jbossweb-tomcat41.sar\META-INF\ jboss-service.xml

user client -> AppSrv (Apache Coyote Tomcat4 Coyote connector), appserver. This is the default HTTPS port for the web portal.

No

9996, 6343

Traffic Flow Analysis

trafficanalyzer.ocp

You must configure the router to send flow reports to the Open Manage Network Manager server on 6343 for sflow by default.

No

2 Unused in standard configuration.

3 Client does not connect to medserver on this port.

4 This port is configurable.

5Firewall Impacting

7Bidirectional

 

To operate through a firewall, you may need to override default port assignments.

 

To configure ports, open their file in a text editor and search for the default port number. Edit that, save the file and restart the application server and client. Make sure you change ports on all affected machines.

The mediation service also establishes a socket connection to client on ports 6500 to 6510 for cut through. Such connections are specified in the ezmediation/lib/ezmediation.properties file.

[user.root] = $OWARE_USER_ROOT