E. List of Ports Used by NNMi

The following table lists the ports NNMi uses on the management server. NNMi listens on these ports. If port conflicts occur, you can change most of these port numbers as shown in the Change configuration column.

Important

For application failover to work successfully, use the following configurations:

Open TCP ports 7800 to 7810.
The active and standby NNMi management servers must have unrestricted network access to each other.

To run NNMi in a cluster system in an HA configuration, the port number configurations used on the primary and secondary cluster nodes must be the same. When you change a port in the nms-local.properties file, you must configure each node (the port change is not copied by file replication of the HA configuration).

Table E‒1: Ports used on the NNMi management server
Port	Type	Name	Purpose	Change configuration
`80`	TCP	`nmsas.server.port.web.http`	Default HTTP port Used for Web UI & Web Services. In GNM configurations, NNMi uses this port to establish communication from the global manager to the regional managers. Once this port is open, it becomes bi-directional.	Modify the `nms-local.properties` file. You can also change this during installation. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`162`	UDP	`trapPort`	SNMP trap port	Modify using the `nnmtrapconfig.ovpl` `Perl` script.
`443`	TCP	`nmsas.server.port.web.https`	Default secure HTTPS port (SSL) Used for Web UI & Web Services.	Modify the `nms-local.properties` file. You can also change this during installation. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`1098`	TCP	`nmsas.server.port.naming.rmi`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`1099`	TCP	`nmsas.server.port.naming.port`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`3873`	TCP	`nmsas.server.port.remoting.ejb3`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4444`	TCP	`nmsas.server.port.jmx.jrmp`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4445`	TCP	`nmsas.server.port.jmx.rmi`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to the local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4446`	TCP	`nmsas.server.port.invoker.unified`	Used by NNMi command line tools to communicate with a variety of services used by NNMi. We recommend configuring the system firewall to restrict access to this port to local host only.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4457`	TCP	`nmsas.server.port.hq`	Used for un-encrypted global network management traffic. Messaging travels from the global manager to the regional managers. Once this port is open, it becomes bi-directional.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4459`	TCP	`nmsas.server.port.hq.ssl`	Used for encrypted global network management traffic. Messaging travels from the global manager to the regional managers. Once this port is open, it becomes bi-directional.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4712`	TCP	`nmsas.server.port.ts.recovery`	Internal transaction service port	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4713`	TCP	`nmsas.server.port.ts.status`	Internal transaction service port	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`4714`	TCP	`nmsas.server.port.ts.id`	Internal transaction service port	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`5432`	TCP	`com.hp.ov.nms.postgres.port`	This PostgreSQL port is the port the embedded database listens on for this NNMi management server.	Modify the `nms-local.properties` file. Windows `%NNM_CONF%\nnm\props\nms-local.properties` Linux `$NNM_CONF/nnm/props/nms-local.properties`
`5447`	TCP	`trapReceiverNettyPort`	Port that stands by for a connection from JBoss. This port is used by TrapReceiver.	Modify with the `nnmtrapconfig.ovpl` `Perl` script.
`7500`	UDP	`nnmcluster`	Port used by `nnmcluster`.	Configuration cannot be modified.
`7800` to `7810`	TCP	--	JGroups ports used for application failover. If application failover is not used, we recommend configuring the system firewall to restrict access to these ports.	Modify the `nms-cluster.properties` file. Windows `%NNM_CONF%\nnm\props\nms-cluster.properties` Linux `$NNM_CONF/nnm/props/nms-cluster.properties`
`8886`	TCP	`OVsPMD_MGMT`	NNMi `ovspmd` (process manager) management port	1. Run the `ovstop` command to stop the NNMi service. 2. Open the `services` file: - Windows: `%Windir%\system32\drivers\etc\services` - Linux: `/etc/services` 3. Add the following line to the file: `ovspmd_mgmt` `port-number/tcp` 4. Run the `ovstart` command to start the NNMi service.
`8887`	TCP	`OVsPMD_REQ`	NNMi `ovsmpd` (process manager) request port	1. Run the `ovstop` command to stop the NNMi service. 2. Open the `services` file: - Windows: `%Windir%\system32\drivers\etc\services` - Linux: `/etc/services` 3. Add the following line to the file: `ovspmd_req` `port-number/tcp` 4. Run the `ovstart` command to start the NNMi service.
`8989`	TCP	`com.hp.ov.nms.events.action.server.port`	Enables an action server port so that it can be configured.	Modify the `nnmaction.properties` file: Windows `%NnmDataDir%shared\nnm\conf\props\nnmaction.properties` Linux `$NnmDataDir/shared/nnm/conf/props/nnmaction.properties`

Legend:: --: No name

Table E-2 lists some of the ports NNMi uses to communicate with other systems. If a firewall separates NNMi from these systems, open many of these ports in the firewall. The actual set of ports to open depends on the system to be linked to NNMi and how that system is configured.

Table E‒2: Firewall pass-through direction
Purpose	Port No. (Port/Type)	Firewall pass-through direction
NNMi console	80/tcp	NNMi Web browser NNMi (global manager) NNMi (regional manager)
SNMP request	161/udp	NNMi Monitored node
SNMP response	ANY/udp	NNMi Monitored node^#1
SNMP trap/SNMP inform request	162/udp	NNMi Monitored node
Response to SNMP inform request	ANY/udp	NNMi Monitored node^#2
SNMP trap transfer	162/udp	NNMi SNMP manager NNMi Northbound application
LDAP	389/tcp	NNMi LDAP server
NNMi console using SSL connection	443/tcp	NNMi Web browser NNMi (global manager) NNMi (regional manager)
LDAP using SSL connection	636/tcp	NNMi LDAP server
Messaging bisocket connector	4457/tcp	NNMi (global manager) NNMi (regional manager)
Messaging bisocket connector using SSL connection	4459/tcp	NNMi (global manager) NNMi (regional manager)
Application failover	7800 to 7810/tcp	NNMi (active) NNMi (standby)

Legend:

[Figure] :

For TCP, the arrow indicates the direction in which a connection is made.

For UDP, the arrow indicates the direction in which a packet is sent.

#1: An SNMP response is made from the SNMP request receiving port to the SNMP request sending port.

#2: A response to an SNMP inform request is made from the SNMP inform request receiving port to the SNMP inform request sending port.

Notes:

1. You must configure the firewall to pass ICMP between NNMi and the monitored node.

2. The port numbers are set to the default settings.

3. For details about configuring application failover, see 18. Configuring NNMi for Application Failover.

If you configure NNMi to use ICMP fault polling or ping sweep for node discovery, configure the firewall to pass ICMP packets through the firewall.

If you plan to use the global network management feature, Table E-3 shows the ports that need to be accessible to a regional NNMi management server from a global NNMi management server. The global network management feature requires these ports to be open for TCP access from the global NNMi management server to the regional NNMi management server. The regional NNMi management server will not open sockets back to the global NNMi management server.

Table E‒3: Required accessible sockets for global network management
Security	Parameter	TCP port
Non-SSL	`nmsas.server.port.web.http`	80
Non-SSL	`nmsas.server.port.hq`	4457
SSL	`nmsas.server.port.web.https`	443
SSL	`nmsas.server.port.hq.ssl`	4459

To Page Top