Important

   

Starting version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about BMC Network Automation 8.9.02 and previous versions. For TrueSight Network Automation 8.9.03 and later releases, see the TrueSight Network Automation documentation.

Troubleshooting Windows firewall ports

The topics in this section describe how to troubleshoot issues with Microsoft Windows firewall ports.

Application ports that must not be blocked

The following ports must be open on the BMC Network Automation application server:

Service

Protocol

Port or other permission

Web, unsecure

TCP

80

Web, secure

TCP

443

FTP

TCP

20 and 21

SCPTCP22
SSHTCP4000

TFTP

UDP

69

Syslog

UDP

514

Ping

ICMP

Allow inbound and outbound ICMP echo requests and responses

Note

Some of these ports could have been changed when the product was installed.

The SSH proxy port 4000 could have been changed through the global.properties file settings.

The Syslog port 514 could have been changed through editing of the local device agent.

Unblocking ports

When installing the application server on a Windows platform that uses a firewall, ensure appropriate application ports are not blocked.

To unblock ports in the Windows Firewall that you plan to use in the product, follow the instructions in the following topics.

To allow connections to the TFTP server on Windows while running the firewall

The Windows installation process installs a TFTP server. In the Windows Firewall window, click the Exceptions tab, click Add Program, and then browse to and select C:\Program Files\BMC Software\BCA-Networks\tftpd\TFTPServer.exe.

To allow connections to another FTP server on Windows while running the firewall

These instructions assume that you have already installed a third-party FTP server other than TFTP (see Installing an FTP server on Windows).

In the Windows Firewall window, click the Exceptions tab, click Add Program, and then browse to and select the executable file name of the FTP server. In some cases the FTP server runs under a command interpreter or virtual machine such as the Java Runtime Engine (JRE).

To allow connections to a SSH server on Windows while running the firewall

These instructions assume you have already installed an SSH/SCP server, such as openssh (see Installing an SSH and SCP server on Windows).

  1. In the Windows Firewall window, click the Exceptions tab, and then click Add Port.
  2. In the Add a Port screen, enter the name and port number of the server.
  3. Select the TCP or UDP option.
  4. Click OK.

To allow connections to the syslog server on Windows while running the firewall

  1. In the Windows Firewall window, click the Exceptions tab, and then click Add Port.
  2. Enter the name and port number of the syslog server.
  3. Select TCP.
  4. Click OK.

To allow connections to the BMC Network Automation web server on Windows while running the firewall

  1. In the Windows Firewall window, click the Exceptions tab.
  2. Click Add Program.
  3. Browse to and select C:\Program Files\BMC Software\BCA-Networks\tomcat\bin\tomcat7.exe.

    Note

    The BMC Network Automation web server is based on the Apache Tomcat Java servlet engine. The executable name tomcat7.exe can be different in other versions of BMC Network Automation.

Was this page helpful? Yes No Submitting... Thank you

Comments