Re: NNM and firewall (39 Views)
Reply
Advisor
caterina di bella_1
Posts: 35
Registered: ‎02-09-2003
Message 1 of 3 (39 Views)

NNM and firewall

In the HP White paper "Managing Devices with NNM in a Firewall environment" is said that when the manager submits a query to a node, it uses its 161 SNMP port to "any" of the node, but when the nodes replies it does it from its 161 SNMP port to "any" of the manager.
Does anybody knows if can be a problem for NNM if the communication "161, Manager -> any, node" is resctricted to a range?
Honored Contributor
Giovanni_4
Posts: 3,522
Registered: ‎09-16-2002
Message 2 of 3 (39 Views)

Re: NNM and firewall

Hi Caterina,
take a look at the Managing Your Network through Firewalls whitepaper at http://www.openview.hp.com/docs/91.pdf.

Summary:
Ports to have open on firewall:
Inbound
=======
a) Dest UDP dest port 162
b) Dest UDP srce port 161
c) Dest ICMP 0 and 18 (echo and mask replies)
d) Dest TCP srce port 80, 280 (http discovery)
Outbound
========
a) Srce UDP dest port 161
b) Srce ICMP 8 and 17 (echo and mask requests)

If management station/ collection station through firewall:
tcp 1024 - 5000 # ovrepld communication
udp 1024 - 5000 # snmp communication


Hope this helps

Giovanni
kamara kamara tralalallalalalala trallalalla trallalalla tralalallalalalala
Advisor
caterina di bella_1
Posts: 35
Registered: ‎02-09-2003
Message 3 of 3 (39 Views)

Re: NNM and firewall

Thank you Giovanni.
I'll have a look on this white paper.

Bye
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.