HP ProLiant Support Pack User Manual
Page 36
Troubleshooting 36
•
HP SUM encountered a fatal error while initializing when running in a directory path containing
double-byte characters.
HP SUM cannot run in directories that contain double byte characters in the path name. Paths can be
created with double-byte characters only when using certain versions of the operating system, such as
Japanese or Chinese.
•
How do I use HP SUM over a firewall? Which ports will I need to open? Are they configurable?
The ports that HP SUM uses cannot be configured. When HP SUM port initiates communications to
remote targets, it uses several well-known ports depending on the operating system. For Windows®, HP
SUM uses ports 138 and 445 to connect to remote targets (equivalent to remote and file print share
functionality).
HP SUM uses defined ports to communicate between the remote target and the workstation where HP
SUM is executing. When you run HP SUM, it uses the administrator/root privileges to dynamically
register the port with the default Windows® firewalls for the length of the application execution, and
then closes and deregisters the port. All communications are over a SOAP server using SSL with
additional functionality to prevent man-in-the-middle, packet spoofing, packet replay, and other attacks.
The randomness of the port helps prevent port scanning software from denying service to the
application. The SOAP server is deployed on the remote target using the initial ports (138, 445, and
22) and then allocates another independent port for its communications back to the workstation where
HP SUM s running. During shutdown of HP SUM, the SOAP server is shutdown and removed from the
target server, leaving the log files.
To deploy software to remote targets on their secure networks using HP SUM, the following ports are
used.
Ports
Description
Ports 445 and 137/138/139
(Port 137 is used only if you
are using NetBIOS naming
service.)
These ports are needed to connect to the remote ADMIN$ share on target
servers. These ports are standard ports that Windows® servers use to connect
to remote file shares. If you can connect remotely to a remote Windows® file
share on the target server, then you have the correct ports open.
Ports 60000-60007
Random ports are used in this range to pass messages back and forth
between the local and remote systems using SSL. These ports are used on the
system running HP SUM to send data to the target server.
Several internal processes within HP SUM automatically use the port from
60000 when no other application uses it. If a port has a conflict, the manager
uses the next available port. HP does not guarantee that the upper limit is
60007 because the limit depends on how many target devices are selected
for installation.
Ports 61000-61007
These ports are used to communicate from the target server to the system
running HP SUM. The same mechanism is used by the remote access code as
the 60000 ports, with the first trial port as 61000. The upper limit might not
be 61007 when a conflict occurs.
In the case of IPv4-only and one NIC, the lowest available port is used by HP
SUM to pass information between processes on the local workstation where
HP SUM is executed, and the next available port is used to receive messages