This section provides an overview of the firewall and/or AWS security group requirements when running Charon-SSP.

(warning) The ports used by a Charon-SSP installation can be different depending on the applications running on the host system and on the guest Solaris system. They will also depend on the configured Charon-SSP features. The information in this section is provided for information only and can never be totally complete.


The following table provides an overview of the most frequently used network ports in a Charon-SSP installation. They must be taken into account when configuring firewalls and AWS security groups allowing access to the Charon-SSP installation.

| Component | Port(s) | Purpose | Applicable to AWS version |
|---|---|---|---|
| SSH, SFTP, SSH tunneling | 22 (TCP) | SSH access; required for access to the Charon-SSP host command-line, connecting to the Charon-SSP host using the Charon Manager's built-in SSH feature, SFTP file transfer, and SSH VPN tunnels. | Y |
| Charon-SSP Agent | 9091 (TCP and UDP) | Communication with Charon-SSP Manager and Charon-SSP Director | Y |
| | 9101 (UDP) | Communication with Charon-SSP Director | Y |
| Graphics emulation | default: 11001 (TCP) | Mouse event data (default port can be changed; must be unique on host system) | Y |
| | default: 11000 (TCP) | Keyboard event data (default port can be changed; must be unique on host system) | Y |
| | default: 11100 (TCP), 11101 (TCP) | Remote screen emulation for single (one port) or dual (two ports) screen (default ports can be changed; must be unique on host system) | Y |
| Telnet or TCP raw mode serial ports/serial console | default: 9000 (TCP) | Port to access emulated serial console or other emulated serial port via TCP. Port must be unique for each emulated port on host system. | Y |
| Xephyr X-server | 6001-6100 (TCP); port specified in X11 server configuration | Determines the X DISPLAY number. For example: 6100 indicates DISPLAY :100. Must be unique on host system. | Y |
| | 7100 (TCP) | Font-server port | Y |
| | 177 (TCP and UDP) | XDMCP server | Y |
| NFS server | 111 (TCP and UDP) | RPC portmapper | |
| | ports assigned by portmapper by default | use # rpcinfo -p to determine ports used (conventional product only) | |
| | static port assignments | For example: setting RPCMOUNTDOPTS="-p port" in /etc/sysconfig/nfs will add "-p port" to the rpc.mountd command (conventional product only). | |
| VNC server on host system | 5901-5910 (TCP) | Actual port depends on VNC server configuration. Allow a remote client to access the VNC server on the host system. | |
| License manager, license server | 1947 (TCP and UDP) | Access to web-based Sentinel ACC GUI, identification of remote network licenses served by license servers, using remote network licenses. | |
| | 8080 (TCP) | Access to cloud license server. | Y |
| License client | 30000 to 65535 (UDP) | Incoming answers from license servers if broadcast search is used. | |
| PulseAudio server | 4713 (TCP) | Emulated audio device | Y |
| iSCSI target | 3260 (TCP and UDP) | Required for the initiator to access the target. | |
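
An added example (not part of the Charon-SSP documentation): a Python check that compares the ingress rules of an AWS security group, in the IpPermissions shape returned by `aws ec2 describe-security-groups`, against the rows marked Y in the table above. The sample rules are constructed, the default ports are assumed unchanged, and the `audit` function and its finding fields are hypothetical names.

```python
import ipaddress

# Rows marked "Y" (applicable to AWS) in the table: (protocol, first port, last port, component).
# Assumption: default ports are in use; adjust the entries if they were changed in the configuration.
DOCUMENTED = [
    ("tcp", 22, 22, "SSH, SFTP, SSH tunneling"),
    ("tcp", 9091, 9091, "Charon-SSP Agent"),
    ("udp", 9091, 9091, "Charon-SSP Agent"),
    ("udp", 9101, 9101, "Charon-SSP Agent"),
    ("tcp", 11000, 11001, "Graphics emulation (keyboard, mouse)"),
    ("tcp", 11100, 11101, "Graphics emulation (remote screen)"),
    ("tcp", 9000, 9000, "Serial console"),
    ("tcp", 6001, 6100, "Xephyr X-server"),
    ("tcp", 7100, 7100, "Font server"),
    ("tcp", 177, 177, "XDMCP server"),
    ("udp", 177, 177, "XDMCP server"),
    ("tcp", 8080, 8080, "Cloud license server"),
    ("tcp", 4713, 4713, "PulseAudio server"),
]

# Constructed sample ingress rules (documentation address ranges), not taken from a real account.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 9000, "ToPort": 9000, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 5901, "ToPort": 5910, "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    {"IpProtocol": "udp", "FromPort": 9000, "ToPort": 9200, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
]

def audit(ip_permissions):
    """Return one finding per rule and source range: matching component (or None) and exposure."""
    findings = []
    for perm in ip_permissions:
        proto = perm["IpProtocol"]  # "-1" means all protocols and carries no port fields
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        # A rule matches only if its whole port range sits inside one documented range.
        component = next((name for p, a, b, name in DOCUMENTED
                          if p == proto and a <= lo and hi <= b), None)
        ranges = perm.get("IpRanges", []) + perm.get("Ipv6Ranges", [])
        for r in ranges:
            net = ipaddress.ip_network(r.get("CidrIp") or r.get("CidrIpv6"))
            findings.append({"proto": proto, "ports": (lo, hi), "cidr": str(net),
                             "component": component, "world_open": net.prefixlen == 0})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        if f["component"] is None or f["world_open"]:
            print("review:", f)
```

Rules reported with no component are either wider than a documented range or use a port the table does not mark as applicable to AWS, such as the VNC range in the sample.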
