Hitachi

JP1 Version 12 Integrated Management: Getting Started


D.3 Direction of communication through a firewall

The table below describes the direction in which hosts communicate through a firewall. JP1/IM and JP1/Base support both packet filtering and NAT (static mode).

Direction of communication through a firewall

Service name

Port number

Direction of communication

jp1imevt

20098/tcp

JP1/Base that transfers events -> JP1/Base that receives events

jp1imevtapi

20099/tcp

A program (such as JP1/IM - Manager) that acquires events -> JP1/Base

jp1imevtcon

20115/tcp

JP1/IM - View -> JP1/IM - Manager (central console)

jp1imrt

20237/tcp

JP1/IM - Manager -> JP1/Base

jp1imcmda

20238/tcp

JP1/IM - View -> JP1/IM - Manager (central console)

JP1/IM - Manager (central console) -> JP1/Base#1

jp1imcmdc

20239/tcp

JP1/Base on a host with JP1/IM - Manager installed <- -> JP1/Base on a host that executes commands

jp1bsuser

20240/tcp

JP1/IM - Manager -> JP1/Base

jp1imcss

20305/tcp

JP1/IM - View -> JP1/IM - Manager (central console)

jp1bsplugin

20306/tcp

Higher-level program using services such as JP1/IM - Manager -> JP1/Base

jp1imegs

20383/tcp

Firewall setup is unnecessary because all communication takes place on the machine on which JP1/IM - Manager is installed.

jp1bscom

20600/tcp

JP1/IM - Manager <- -> JP1/Base on another host

JP1/IM2-Manager DB Server

20700/tcp

JP1/IM - Manager -> JP1/IM-Manager DB Server

jp1imfcs

20701/tcp

Firewall setup is unnecessary because all communication takes place on the machine on which JP1/IM - Manager is installed.

jp1imcf

20702/tcp

JP1/IM - View -> JP1/IM - Manager (IM Configuration Management)

jddmain

20703/tcp

Web client (Web browser or client to issue REST APIs) -> JP1/IM - Manager (Intelligent Integrated Management Base)

jimmail

25/tcp#2

JP1/IM - Manager -> Mail server (SMTP) (without authentication)

587/tcp#2

JP1/IM - Manager -> Mail server (SMTP) (for SMTP-AUTH authentication)

110/tcp#2

JP1/IM - Manager -> Mail server (POP3) (for POP before SMTP authentication)

Legend:

->: Direction of the connection when the connection is established

#1: JP1/Base on a manager

#2: The port number at the connection destination might change depending on the port used by the connection destination server.

To use any of the port numbers listed above to establish a connection, you must specify that the firewall allows the traffic on the service-name port to pass through. You must also specify that ANY can pass through the firewall in response to the session established for the port number for service-name. The response must be ANY because the OS performs automatic numbering.

When a connection is established, the port number in the table is used by the side being connected (the side the arrow points at). The connecting side uses an available port number assigned by the OS. The range of port numbers that can be used depends on the OS.

When you install JP1/IM and JP1/Base on a firewall server machine, communications within that machine might also be subject to the firewall restrictions. In this case, set up the firewall so that services can use the port numbers in the table even for communications within the firewall server machine.

Related topics