Ports to remote servers.

Document ID : KB000013556
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

We upgraded our scheduler to 11.3 but the remote agents are still using version 11.0.   

There is firewall on the server. 

What ports do we need to configure?

 

 

Environment:
Workload Automation AE - 11.xPlatform - ANYDatabase - ANY
Answer:

The 11.0 agents are configured to listen on port 49152 for incoming messages from the schedulers.

The agents communicate their RUNNING and SUCCESS status events back to the as_server process. 

Most clients have their as_servers configured to use port 9000.  (see $AUTOUSER/config.$AUTOSERV AutoServer=<port#>)

Both of the ports mentioned above are typically configured to use csam for communication.

If that is the case that port numbers 9000 and 49152 are virtual ports tunneling thru csam's physical port of 7163. 

 

Confirm the csam configurations are consistent between the as_server and event_demon machine(s) and the agents. 

Run the following on the machines: 

$CSAM_SOCKADAPTER/bin/csamconfigedit display 

$CSAM_SOCKADAPTER/bin/csamconfigedit port=9000 display 

$CSAM_SOCKADAPTER/bin/csamconfigedit portrange=49152-50176 display 

The values for EnablePMUX and EnableSSL must be consistent on the machines. 

To make adjustments one can run something like the following, as root: 

$CSAM_SOCKADAPTER/bin/csamconfigedit port=9000 EnableSSL=False EnablePMUX=True 

$CSAM_SOCKADAPTER/bin/csamconfigedit portrange=49152-50176 EnableSSL=False EnablePMUX=True 

 

Additional items to consider:

The ports mentioned above should be opened for bi-directional communication.

Make sure the scheduler and agent can correctly resolve one another's hostname/ip address using what has been configured in the machine definitions and the $AUTOUSER/config.$AUTOSERV files.

 Check the univagent.out files for errors. 

Also the instance wide encryption setting in the $AUTOUSER/config.$AUTOSERV must be set to none.

 Example: UseEncryption=none

 

For more port and firewall considerations see the following resources:

https://docops.ca.com/ca-wla-ae-wcc/11-4-2/en/installing/ae-implementation/post-installation-procedures-for-the-server/configure-the-firewall

https://docops.ca.com/ca-wla-ae-wcc/11-4-2/en/installing/ca-wcc-implementation/ca-wcc-default-ports-and-services