The following table lists the default TCP/IP ports used by the TrueSight Middleware and Transaction Monitor (TMTM) product. All TCP/IP ports can be changed (except where noted). If a firewall exists between your TMTM Agents, the Services, Management Console, or database, the same TCP/IP ports must be open on your firewall.
Note that the direction of the arrows in the diagrams below indicates the direction in which the connection is made. You must make sure your network configuration (for example, firewall) allows connections between hosts in the direction specified.
This section includes diagrams for the two main types of tunneling:
TrueSight Middleware Administrator (TSMA) connects to the queue managers through SVRCONN channels; as a result, its (listener) port should be opened in both directions.
TLS tunnel configuration
If the secured connections to the agents are all server initiated, you must make sure your network configuration (for example, firewall) allows connections from the services host to the agent host on the secured agent port (default of 15010). If the secured connections to the agents are all agent initiated, you must make sure your network configuration allows connections from the agent host to the services host on the secured agent port. If there is a mix, connections from both directions must be allowed.
Files necessary to modify port
TMTM Topic Service
TMTM History Service
TMTM Event Service
TMTM Application Service Web secure port
TMTM Application Service Client port
TMTM Client Gateway Service
TMTM Application Service Web port
TMTM Application Service LDAP port
TMTM Tunnel Service Client Proxy port
TMTM Tunnel Service port
|15011 a||TMTM Application Service LDAPS port||services.cfg|
Active Directory LDAP ports
- This port must be accessible from the TSMA installation when using the TMTM security service
- See Running performance and availability monitoring extensions for information about changing QPEA, QPMON, and QPCFG port numbers.
- If this port number needs to be changed, create or edit the eaapi.ini file in a text editor and modify or insert the following stanza:
- Port 389 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SASL. Port 636 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SSL. These ports are not reconfigurable due to Microsoft requirements.