Server Management - Systems Insight Manager
cancel
Showing results for 
Search instead for 
Did you mean: 

Managing HP servers through firewall with SIM

Melinda Cooper
Frequent Advisor

Managing HP servers through firewall with SIM

We're now using SIM V5 sp3 and will upgrade to sp4 on 2/21. Has anyone had success with managing a HP server through the firewall? We've managed to use the ILO but were wondering about the server side. We're at Windows 2003 with sp3.
7 REPLIES
Igor Karasik
Honored Contributor

Re: Managing HP servers through firewall with SIM

Melinda,
Did you see "Managing HP servers through firewalls with HP Systems Insight Manager 5.0"
ftp://ftp.compaq.com/pub/products/servers/management/hpsim/ManagingHPServers-withHPSIM.pdf
kc2kth
Frequent Advisor

Re: Managing HP servers through firewall with SIM

So far I've been able to get most management functions to work after opening snmp, 2301, and 2381. However, Version Control Agent configuration still refuses to work. I haven't spent too much time on it though.
Melinda Cooper
Frequent Advisor

Re: Managing HP servers through firewall with SIM

Yes, I've seen the article about Managing servers through the firewall. It's not really a white paper just three case studies. We were able to glean some information out of it.
Troy DeHaven
Advisor

Re: Managing HP servers through firewall with SIM

I have two servers that I manage through the firewall. After I configured the firewall for the SNMP ports and ICMP ports I able to import certificate from management server and everything seems to work ok.
Melinda Cooper
Frequent Advisor

Re: Managing HP servers through firewall with SIM

Troy, what version of HP SIM are you using? Also the two servers that you were successful in setting up, what is their operating system?
Corey Adam
Occasional Advisor

Re: Managing HP servers through firewall with SIM

The white paper told you what ports to open so start with those. You can also look at your firewalls logs and see what ports are constantly being blocked. I had to open a few that the white paper evidently overlooked. Or I had to open a port in both directions where the whitepaper said it was only required in one direction. Also, I think WMI is DCOM based which will break if you are NATing between CMS and clients. Have to use WMI mapper I think.
kc2kth
Frequent Advisor

Re: Managing HP servers through firewall with SIM

I've finally gotten SIM to work pretty reliably through a firewall and thought I'd share the ports I had to open. Note that the CMS and all hosts are Windows based, so no WEBM to consider. Assume a firewall between "hosts" and "CMS" below:

From CMS to hosts:
161/udp - snmp
icmp requests
2301/tcp
2381/tcp

From hosts to CMS:
162/udp - snmp-trap
icmp requests
280/tcp
2301/tcp
2381/tcp

I believe the whitepaper indicates 2301/tcp only needs to be opened from the CMS, however I found it was needed in both directions.