List of Ports for Communication Across Firewalls

Document ID : KB000044272
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction: 

Communication across a firewall can apply in many network environments. Your options for enabling communications among CA Spectrum components depend on the types of firewalls that you deploy. We recommend working with the firewall administrator for your network to work out a strategy for letting CA Spectrum and One Click traffic traverse firewalls.

 

Question: 

What are the list of ports that are needed by SpectroServer and OneClick Web server  for communication across firewalls

 

Environment:  

Spectrum 9.4.x, 10.x

 

Answer: 

The OneClick web server communicates with processes on the SpectroServer host system to gather data to display in OneClick clients. The OneClick web server typically initiates this communication.

The OneClick web server establishes connections to specific SpectroServer host-side TCP ports. The web server uses these ports for sending requests and receiving responses. However, OneClick uses a single listening port (default 14001). The SpectroServer initiates the connection to that port. As a result, modifying firewall configuration is often necessary. The SpectroServer uses bidirectional IIOP (Internet Inter-ORB protocol) to communicate with its CORBA clients.

The following diagram illustrates the IP connectivity that is required for a OneClick web server to communicate with a SpectroSERVER.

 

communication.png

Note:

In a Fault-Tolerant configuration, the same ports must be opened between the OneClick Server Host and the secondary SpectroSERVER Host, including port 14003 if running a secondary Archive Manager.