Setting up TCP/IP for a firewall

System Administrator Guide for VSP 5000 Series

Version
90-08-8x
Audience
anonymous
Part Number
MK-98RD9009-13

To connect the Device Manager - Storage Navigator management client and the SVP through a firewall, configure the firewall so that the TCP/IP port for the protocol you use becomes available.

When attaching Device Manager - Storage Navigator to multiple storage systems, the installer must log in to the SVP of each storage system using separate Device Manager - Storage Navigator sessions and separate web browser instances.

The following table describes the firewall configuration. For more information about the ports used in software such as middleware and applications that work with the storage system, see the software documentation.

CAUTION:
Do not enable ICMP firewall configuration. If ICMP firewall is enabled, alert notifications might not occur. To disable ICMP firewall, contact the administrator who manages the firewall.
Protocol Communication from Communication to
Port number Hardware Port number Hardware
HTTP Any/TCP Management client 80/TCP SVP
HTTPS Any/TCP 443/TCP
RMI Any/TCP 11099/TCP
RMI Any/TCP 51099/TCP
RMI Any/TCP 51100/TCP
SMI-S Any/TCP 427/TCP
SMI-S Any/TCP 5989/TCP
SNMP1 Any/UDP 161/UDP
SNMP Trap1 Any/UDP SVP 162/UDP Management client
CCI Any/UDP Host 31xxx through 33xxx/UDP2 SVP
CCI 34xxx through 36xxx/UDP2 SVP Any/UDP Host
SVP Connect Utility Any/TCP SVP 7000/TCP3 Maintenance PC
ASSIST Any/TCP ASSIST communication device 4503/TCP4 SVP
ASSIST Any/TCP SVP 4500/TCP4

10070/TCP4

ASSIST communication device

Notes:

  1. Required if you use a Device Manager - Storage Navigator management client as an SNMP manager.
  2. x indicates a number. For details about port numbers that are used for communication between a host and an SVP using CCI, see the Command Control Interface User and Reference Guide.
  3. The support personnel use this port number to connect the maintenance PC to the storage system through a firewall.
  4. If the remote maintenance by using Remote Ops is not performed, the firewall settings are not required.