000014358 - AxM - What ClearTrust/AxM ports need to be opened to run RSA's WebSphere Agent SyncTool across a firewall

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014358
Applies ToRSA 4.7 Application Agent for IBM WebSphere V2 Server
IssueAxM - What ClearTrust/AxM ports need to be opened to run RSA's WebSphere Agent SyncTool across a firewall
When the correct firewall ports are not open, the RSA WebSphere synctool will fail to execute.
CauseSynctool communicates to the Eserver via the admin api.  The eserver runs on port 5601.
ResolutionWhen running synctool, it will add entries to the datastore.  This consists of WAS users, policies and applications information. The entitlement server port (eserver) runs on port 5601.

The main AxM/CT ports that are used by default are:

5606 - keyserver
5607 - dispatcher listen
5608 - dispatcher registry
5615 - aserver
5601 - eserver

Note: runtime api authentication and authorization requires keyserver, aserver and dispatcher ports to be opened across a firewall.  Synctool requires the eserver port to be opened.
Legacy Article IDa44700

Attachments

    Outcomes