D.3 Direction of communication through a firewall
The table below describes the direction in which hosts communicate through a firewall. JP1/IM and JP1/Base support both packet filtering and NAT (static mode).
Direction of communication through a firewall
Service name |
Port number |
Direction of communication |
---|---|---|
jp1imevt |
20098/tcp |
JP1/Base that transfers events -> JP1/Base that receives events |
jp1imevtapi |
20099/tcp |
A program (such as JP1/IM - Manager) that acquires events -> JP1/Base |
jp1imevtcon |
20115/tcp |
JP1/IM - View -> JP1/IM - Manager (central console) |
jp1imrt |
20237/tcp |
JP1/IM - Manager -> JP1/Base |
jp1imcmda |
20238/tcp |
JP1/IM - View -> JP1/IM - Manager (central console) JP1/IM - Manager (central console) -> JP1/Base#1 |
jp1imcmdc |
20239/tcp |
JP1/Base on a host with JP1/IM - Manager installed <- -> JP1/Base on a host that executes commands |
jp1bsuser |
20240/tcp |
JP1/IM - Manager -> JP1/Base |
jp1imcss |
20305/tcp |
JP1/IM - View -> JP1/IM - Manager (central console) |
jp1bsplugin |
20306/tcp |
Higher-level program using services such as JP1/IM - Manager -> JP1/Base |
jp1imegs |
20383/tcp |
Firewall setup is unnecessary because all communication takes place on the machine on which JP1/IM - Manager is installed. |
jp1bscom |
20600/tcp |
JP1/IM - Manager <- -> JP1/Base on another host |
JP1/IM3-Manager DB Server |
20700/tcp |
JP1/IM - Manager -> JP1/IM-Manager DB Server |
jp1imfcs |
20701/tcp |
Firewall setup is unnecessary because all communication takes place on the machine on which JP1/IM - Manager is installed. |
jp1imcf |
20702/tcp |
JP1/IM - View -> JP1/IM - Manager (IM Configuration Management) |
jddmain |
20703/tcp |
Web client (Web browser or client to issue REST APIs) -> JP1/IM - Manager (Intelligent Integrated Management Base) |
jimmail |
25/tcp#2 |
JP1/IM - Manager -> Mail server (SMTP) (without authentication) |
587/tcp#2 |
JP1/IM - Manager -> Mail server (SMTP) (for SMTP-AUTH authentication) |
|
110/tcp#2 |
JP1/IM - Manager -> Mail server (POP3) (for POP before SMTP authentication) |
To use any of the port numbers listed above to establish a connection, you must specify that the firewall allows the traffic on the service-name port to pass through. You must also specify that ANY can pass through the firewall in response to the session established for the port number for service-name. The response must be ANY because the OS performs automatic numbering.
When a connection is established, the port number in the table is used by the side being connected (the side the arrow points at). The connecting side uses an available port number assigned by the OS. The range of port numbers that can be used depends on the OS.
When you install JP1/IM and JP1/Base on a firewall server machine, communications within that machine might also be subject to the firewall restrictions. In this case, set up the firewall so that services can use the port numbers in the table even for communications within the firewall server machine.
Related topics
-
9.3 Operating in a firewall environment in the Configuration Guide