What port numbers are used by CA IT PAM components?

Document ID : KB000051560
Last Modified Date : 14/02/2018

Description

Use this information when you need to block unused ports or place CA IT PAM behind a firewall.

Solution

| Port # | CA IT PAM Component | Configurable at installation? | Notes |
|---|---|---|---|
| 7003* | Agent | Yes | TCP port; JXTA communications; Bi-directional |
| 22 | Proxy Agent | Yes (at SSH installation) | TCP port; Privileged port; Outbound SSH connection required by CA IT PAM Proxy Agents; Bi-directional; Outbound SSH connections to the SSH host required for its operations. |
| 7001* | Orchestrator | Yes | TCP port; JXTA communications; Bi-directional; OasisConfig.properties parameter: oasis.jxta.port |
| 162* | Orchestrator | Yes | UDP port; Incoming SNMP traps; OasisConfig.properties parameter: oasis.snmptrigger.service.port |
| 1098* | Orchestrator | Yes | TCP port; Java Remote Method Invocation (RMI); Bi-directional; OasisConfig.properties parameter: jboss.rmi.port; Used for discovering information on RMI services. |
| 1099* | Orchestrator | Yes | TCP port; Java Naming and Directory Interface (JNDI); Bi-directional; OasisConfig.properties parameter: jboss.jndi.port; Used for looking up port and other information for application services offered by the Orchestrator. Provides a common remote interface to various services (e.g., LDAP, NDS, DNS, and NIS). |
| 8083* | Orchestrator | No | TCP port; RMI Web Service port; Bi-directional; OasisConfig.properties parameter: jboss.rmi.classloader.webservice.port; Used for handling web service calls to load various RMI objects (classes) from various nodes of the Orchestrator within a cluster. |
| 4444* | Orchestrator | No | TCP port; RMI Server port; Bi-directional; OasisConfig.properties parameter: jboss.rmi.object.port; RMI server socket listening port. This is the port RMI clients connect to when communicating through a single server to handle incoming RMI client calls. |
| 4446* | Orchestrator | No | TCP port; Pooled Invoker port; Pools connections from client to server; Bi-directional; OasisConfig.properties parameter: jboss.pooledinvoker.serverbind.port; Pooled invoker server bind port. Used by the Orchestrator as a multiplexer for custom socket connections by using standard RMI service implemented through the MBean interface. Pooled invoker service pools client socket connections to the server unlike standard JRMP interface that creates a socket connection for each request. |
| 1100* | Orchestrator | No | TCP port; High Availability Java Naming and Directory Interface (HA-JNDI); Bi-directional; For High Availability (clustering); OasisConfig.properties parameter: jboss.ha.jndi.port; Port on which the HA-JNDI stub is made available. Used for looking up port and other information for Application Services offered by the Orchestrator. Provides a common remote interface to various services (e.g., LDAP, NDS, DNS, and NIS). |
| 1101 | Orchestrator | No | TCP port; Highly Available Java Remote Method Invocation (HA-RMI); For High Availability (clustering); Bi-directional; OasisConfig.properties parameter: jboss.ha.jndi.rmi.port; RMI port to be used by the HA-JNDI service once bound. Used for discovering information on RMI services, when the Orchestrator is clustered. |
| 4447* | Orchestrator | No | TCP port; HA-RMI Server port; For High Availability (clustering); Bi-directional; OasisConfig.properties parameter: jboss.ha.rmi.object.port; RMI object port used by JRMPInvokerHA class. When the Orchestrator is clustered, this port is used by RMI clients when communicating through a single server to handle incoming calls from RMI clients. |
| 4445* | Orchestrator | No | TCP port; Highly Available Pooled Invoker port; Bi-directional; Pools connections from client to server; For High Availability (clustering); OasisConfig.properties parameter: jboss.ha.pooledinvoker.serverbind.port; Pooled invoker HA server bind port. When clustered, used by the Orchestrator as a multiplexer for custom socket connections, via standard RMI service implemented by the MBean interface. |
| 1102* | Orchestrator | No | UDP port; JNDI Autodiscovery Service; Multicast group port; For High Availability (clustering); Bi-directional; OasisConfig.properties parameter: jboss.mcast.jndi.autodiscovery.port; Multicast group port used to auto-discover other JNDI ports within an IT PAM Orchestrator cluster. Used when the Orchestrator is clustered. |
| 8080* | Orchestrator | Yes | TCP port; Incoming Web Services port; Bi-directional; OasisConfig.properties parameter: tomcat.connector.http.port; Axis web service port. Used to receive incoming web service calls from external clients/application services. |
| 8443* | Orchestrator | Yes | TCP port; Incoming Web Services port; Secure port (SSL); Bi-directional; OasisConfig.properties parameter: tomcat.secure.port; Port for Connector component that supports the HTTP/1.1 protocol. It enables Catalina to function as a stand-alone web server, in addition to its ability to execute servlets and JSP pages. Used for receiving incoming web service calls from external clients or application services. Data is encrypted using SSL. |
| 8009* | Orchestrator | Yes | TCP port; AJP port; Orchestrator cluster; Bi-directional; OasisConfig.properties parameter: tomcat.connector.ajp.port; worker.properties parameter (Load Balancer): worker.nodename.port; Used for managing sessions with an external load balancer. Uses Apache JServ protocol (AJP). |

*Each Orchestrator must have its own port if multiple Orchestrators are configured on the same host.
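
The footnote's rule can be checked before a second Orchestrator is started on the same host. The following is an added example, not CA code: it assumes OasisConfig.properties uses standard key=value properties syntax, the helper names read_ports and conflicts are hypothetical, and the two file contents are constructed samples.

```python
# Added example: parameter names and protocols are taken from the table above;
# everything else (helper names, sample file contents) is constructed.
PORT_PARAMS = {
    "oasis.jxta.port": "tcp",
    "oasis.snmptrigger.service.port": "udp",
    "jboss.rmi.port": "tcp",
    "jboss.jndi.port": "tcp",
    "jboss.rmi.classloader.webservice.port": "tcp",
    "jboss.rmi.object.port": "tcp",
    "jboss.pooledinvoker.serverbind.port": "tcp",
    "jboss.ha.jndi.port": "tcp",
    "jboss.ha.jndi.rmi.port": "tcp",
    "jboss.ha.rmi.object.port": "tcp",
    "jboss.ha.pooledinvoker.serverbind.port": "tcp",
    "jboss.mcast.jndi.autodiscovery.port": "udp",
    "tomcat.connector.http.port": "tcp",
    "tomcat.secure.port": "tcp",
    "tomcat.connector.ajp.port": "tcp",
}

def read_ports(text):
    """Return {(proto, port): parameter} for the table's parameters found in text."""
    ports = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue  # skip blanks, comments and malformed lines
        key, value = (part.strip() for part in line.split("=", 1))
        if key in PORT_PARAMS and value.isdigit():
            ports[(PORT_PARAMS[key], int(value))] = key
    return ports

def conflicts(a, b):
    """Ports that two Orchestrators on one host would both try to bind."""
    return sorted((proto, port, a[(proto, port)], b[(proto, port)])
                  for proto, port in a.keys() & b.keys())

# Constructed sample files for two Orchestrators installed on the same host.
NODE1 = ("oasis.jxta.port=7001\njboss.jndi.port=1099\n"
         "tomcat.connector.http.port=8080\noasis.snmptrigger.service.port=162\n")
NODE2 = ("# second instance\noasis.jxta.port=7002\njboss.jndi.port=1099\n"
         "tomcat.connector.http.port=8081\noasis.snmptrigger.service.port=162\n")

if __name__ == "__main__":
    for proto, port, p1, p2 in conflicts(read_ports(NODE1), read_ports(NODE2)):
        print(f"{port}/{proto} is set in both files ({p1} / {p2})")
```

The dictionary returned by read_ports also serves as the allow-list of listening ports for that Orchestrator when writing firewall rules.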