Cc-sg internal ports, Cc-sg access via nat-enabled firewall, Rdp access to nodes – Raritan Computer CCA-0N-V5.1-E User Manual

Page 373

background image

Appendix B: CC-SG and Network Configuration

355

Communication
Direction

Port Number

Protocol

Configurable?

Details

CC-SG to SNMP
Manager

162

UDP

yes

SNMP standard

CC-SG Internal Ports

CC-SG uses several ports for internal functions, and its local firewall
function blocks access to these ports. However, some external scanners
may detect these as “blocked” or “filtered.” External access to these
ports is not required and can be further blocked. The ports currently in
use are:

1088

1098

2222

4444

4445

8009

8083

8093

In addition to these ports, CC-SG may use TCP and UDP ports in the
32xxx (or higher) range. External access to these ports is not required
and can be blocked.

CC-SG Access via NAT-enabled Firewall

If the firewall is using NAT (Network Address Translation) along with PAT
(Port Address Translation), then Proxy mode should be used for all
connections that use this firewall. The firewall must be configured for
external connections to ports 80 (non-SSL) or 443 (SSL), 8080 and 2400
to be forwarded to CC-SG since the PC Client will initiate sessions on
these ports.

Note: It is not recommended to run non-SSL traffic through a firewall.

Connections using the firewall must be configured to use Proxy mode.
See

Connection Modes: Direct and Proxy

(on page 250). CC-SG will

connect to the various targets on behalf of the PC Client requests.
However, the CC-SG will terminate the PC Client to Target TCP/IP
connection that comes through the firewall.

RDP Access to Nodes

Port 3389 must be open for RDP access to nodes.