Network ports
The following table lists the default TCP/IP ports used by the TrueSight Middleware and Transaction Monitor (TMTM) product. All TCP/IP ports can be changed (except where noted). If a firewall exists between your TMTM Agents, the Services, Management Console, or database, the same TCP/IP ports must be open on your firewall.
Note that the direction of the arrows in the diagrams below indicates the direction in which the connection is made. You must make sure your network configuration (for example, firewall) allows connections between hosts in the direction specified.
This section includes diagrams for the two main types of tunneling:
Chapter 4
Default configuration
Note
TrueSight Middleware Administrator (TSMA) connects to the queue managers through SVRCONN channels; as a result, its (listener) port should be opened in both directions.
TLS tunnel configuration
Note
If the secured connections to the agents are all server initiated, you must make sure your network configuration (for example, firewall) allows connections from the services host to the agent host on the secured agent port (default of 15010). If the secured connections to the agents are all agent initiated, you must make sure your network configuration allows connections from the agent host to the services host on the secured agent port. If there is a mix, connections from both directions must be allowed.
Default ports
Default port | Service | Files necessary to modify port |
---|---|---|
15001* | TMTM Topic Service |
|
15002 | TMTM History Service | services.cfg |
15003 | TMTM Event Service | services.cfg |
15004 | TMTM Application Service Web secure port | services.cfg |
15005 | TMTM Application Service Client port | services.cfg |
15006* | TMTM Client Gateway Service | services.cfg |
15007 | TMTM Application Service Web port | services.cfg |
15008* | TMTM Application Service LDAP port | services.cfg |
15009 | TMTM Tunnel Service Client Proxy port | services.cfg |
15010 | TMTM Tunnel Service port | services.cfg |
15011 a | TMTM Application Service LDAPS port | services.cfg |
6001*b | QPMON | eaa.xml |
6002* | QPCFG | eaa.xml |
2612c | QPEA | eaapi.ini |
389, 636d | Active Directory LDAP ports | Not configurable |
- This port must be accessible from the TSMA installation when using the TMTM security service
- See Running performance and availability monitoring extensions for information about changing QPEA, QPMON, and QPCFG port numbers.
- If this port number needs to be changed, create or edit the eaapi.ini file in a text editor and modify or insert the following stanza:
[networksettings]
agent_listen_port=port number - Port 389 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SASL. Port 636 is used to contact Active Directory Domain Controllers when configured for Active Directory Delegate mode security and when using SSL. These ports are not reconfigurable due to Microsoft requirements.
Comments