Server Management - Systems Insight Manager
1833813 Members
3494 Online
110063 Solutions
New Discussion

Re: port questions

 
SOLVED
Go to solution
CG_2
Frequent Advisor

port questions

I currently use IM v7 to manage Windows only systems and have questions about SIM v4.1...
I see this in the docs for SIM v4.1: "Use the TCP protocol for system reachable (ping)check.port number 80" (http://docs.hp.com/hpux/pdf/5990-8181.pdf ; Configure Protocol Settings, page 80).
Can that port number be changed to something else? Could it even be 2381?

(This next one may be off topic for the group)
Can the web agents be made to not listen on port 2301? I can't tell what it is used for, or is it a phantom from days-gone-by?


I'm just looking to close unused ports on my systems and in the network ACLs.

Thanks in advance.
4 REPLIES 4
David Claypool
Honored Contributor
Solution

Re: port questions

2301 listens and if connected, redirects to the secure 2381 page. 2301 is maintained for backward compatibility.

Joel Rubenstein
Honored Contributor

Re: port questions

It is possible to configure the port number.
You must add the line NodeReachableTcpPort=xxx where xxx=port number to the file C:\Program Files\HP\Systems Insight Manager\config\globalsettings.props and then restart the SIM service.
CG_2
Frequent Advisor

Re: port questions

Thanks, both of you.

In terms of network ACLs, if I only need a SIM server to watch health, what is the minimum traffic I need to allow?
Could I set NodeReachableTcpPort=2381 and then only need to allow that 1 port inbound to the DMZ from the mgmt server. When it tests "reachability" does it just SYN/ACK per se? If so then I wouldn't expect it to cause any problems with the agents themselves.
Joel Rubenstein
Honored Contributor

Re: port questions

You should take a look at the whitepaper Understanding HP Systems Insight Manager Security.

http://www.hp.com/wwsolutions/misc/downloads/management/hpsim/HPSIM_Security_WP.pdf

Yes it uses SYN/ACK to check connectivity so there does not need to be an actual web server running on the port you specify.