Communicating with the NMS through a Firewall The NMS Client and the NMS Server
The NMS client requires the use of a Java Web Start (Java RMI) client. To access the Web Start client, you launch an HTTP connection to the server using TCP port 9090, not the typical TCP port 80.
The Java Web Start client uses a random TCP port to the destination port TCP/10099.
Depending on your requirements, the following destination port settings are required for communication between the NMS client and server. The NMS can utilize any available source port.
NMS to Managed Devices
Telnet TCP/23
SSH TCP/22
HTTP TCP/80 Optional. Used to enable the NMS to act as a proxy to reach iMG devices.
SSL TCP/443 Optional. Used to enable the NMS to act as a proxy to reach iMG devices.
SNMP UDP/161
CWMP TCP/9797 TR-069
FTP TCP ports 21 and 20
TFTP UDP/69
Managed Devices to the NMS
SNMP Traps UDP/162
DHCP Client UDP/67
FTP TCP ports 21 and 20
TFTP UDP/69
Syslog UDP/514
TACACS+ TCP/49 and UDP/49
NMS Client and the NMS Server
HTTP TCP/9090 Note the NMS uses a custom port for HTTP.
Remote Desktop TCP/3389 Optional. Remote Desktop is not required but is available if needed in your network.
TeamViewer TCP/5938 Optional. Can be used for remote support if a VPN is not available.
Java RMI TCP/10099
console TCP/10090 Optional. Used to debug Java.
NMS Client and Managed Devices
You can enable client machines to have direct access to devices through Telnet or SSH. Some iMG devices also use an HTTP web interface to allow you to manually manage software revisions and configuration.
The NMS client uses the following destination ports to communicate with managed devices. Any available source port can be utilized.
NMS and Auxiliary Servers
The NMS can communicate with auxiliary servers through a firewall for user authentication and email notification of network events. These services are not required, however, they are available if you need them.
The NMS uses the following destination ports to communicate with auxiliary servers on a different network. Any available
Telnet TCP/23
SSH TCP/22 Optional. You can use Telnet or SSH to communicate with devices.
HTTP TDP/80
TABLE 13-5
Protocol Destination Port
TACACS+ TCP/49 and UDP/49
RADIUS UDP/1812
SMTP UDP/2
|