TrueSight Middleware and Transaction Monitor 8.1 Planning

Network ports

The following table lists the default TCP/IP ports used by the TrueSight Middleware and Transaction Monitor (TMTM) product. All TCP/IP ports can be changed (except where noted). If a firewall exists between your TMTM Agents, the Services, Management Console, or database, the same TCP/IP ports must be open on your firewall. 

Note that the direction of the arrows in the diagrams below indicates the direction in which the connection is made. You must make sure your network configuration (for example, firewall) allows connections between hosts in the direction specified.

This section includes diagrams for the two main types of tunneling:

Chapter 4

Related topics

Security planning 

Planning

Modifying the default port numbers

Post core component installation and configuration

Default configuration

tmtmReferenceArchitecture_ports

Note

TrueSight Middleware Administrator (TSMA) connects to the queue managers through SVRCONN channels; as a result, its (listener) port should be opened in both directions.


TLS tunnel configuration  

tmtmReferenceArchitecture_secureports

Note

If the secured connections to the agents are all server initiated, you must make sure your network configuration (for example, firewall) allows connections from the services host to the agent host on the secured agent port (default of 15010). If the secured connections to the agents are all agent initiated, you must make sure your network configuration allows connections from the agent host to the services host on the secured agent port. If there is a mix, connections from both directions must be allowed.

Default ports


Default port

Service

Files necessary to modify port

15001*

TMTM Topic Service

  • services.cfg
  • eaa.xml

15002

TMTM History Service

services.cfg

15003

TMTM Event Service

services.cfg

15004

TMTM Application Service Web secure port

services.cfg

15005

TMTM Application Service Client port

services.cfg

15006*

TMTM Client Gateway Service

services.cfg

15007

TMTM Application Service Web port

services.cfg

15008*

TMTM Application Service LDAP port

services.cfg

15009

TMTM Tunnel Service Client Proxy port

services.cfg

15010

TMTM Tunnel Service port

services.cfg

15011 a TMTM Application Service LDAPS portservices.cfg

6001*b

QPMON

eaa.xml

6002*

QPCFG

eaa.xml

2612c

QPEA

eaapi.ini

389, 636d

Active Directory LDAP ports

 Not configurable
    1. This port must be accessible from the TSMA installation when using the TMTM security service
    2. See Running performance and availability monitoring extensions for information about changing QPEA, QPMON, and QPCFG port numbers.
    3. If this port number needs to be changed, create or edit the eaapi.ini file in a text editor and modify or insert the following stanza:
      [networksettings]
      agent_listen_port=port number
    4. Port 389 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SASL. Port 636 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SSL. These ports are not reconfigurable due to Microsoft requirements.

 



Was this page helpful? Yes No Submitting... Thank you
Last modified by Ashley Pearson on Mar 07, 2018
planning ports wide-layout

Comments

Managing WebSphere MQ object security
License entitlements
© Copyright 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2019 BMC Software, Inc.