What ports need to be open to control Lion Server from a remote location (through Server.app)?

Similar Messages

• What ports need to be opened for Podcasting?

  To all,
  I am a little lost. We have a server which is inside our firewall. What we're trying to do is to use this server as a test bed for podcasting. Our network admin is going to set it up so that it's behind the firewall but we can still access the content from home or anywhere. Now my question. The admin has asked us what ports need to be opened for podcasting. We have no idea. Is this something we need to setup on the server we are using or is there something else.
  FYI - We are using a Windows NT server...I know, I know, I need to upgrade.
  Any help is greatly appreciated. Thank you in advance.
  zanm
    Other OS   windows NT server

  Podcasting is not streaming on content, only downloading. It is basically a blog with an attachment in the RSS feed. Only port 80 (normal web port) needs to be able to go through the firewall.

• What ports need to be open?

  I'm setting up my fmis to deliver video through rtmp and http.
  I'm on a locked down network.
  What ports need to be open to allow people outside of the network to access the rtmp/http streams?
  I am correct to say only port 80 and 1935?

  Yes... 80 and 1935 is what you need for RTMP connections and proxied HTTP downloads. If you want to use RTMPS, you should also open 443.
  If you want to be able to use the admin service and admin console, you'll also want to open 1111

• What ports need to be opened from apple's firewall?

  I googled that qmaster uses port 10012 tcp&udp, but what ports need to be open for Qadministrator and Batch Monitor?
  They didn't seem to work just with 10012.
  Is there any documents about this from apple?
  Idea of just leaving firewall off sounds like Microsoft in te 90s'.
  And even they have made an interactive firewall that asks you to open a port when some application tries to use it.
  Well, these fcp applications are sooo PRO...

  On the Qmaster system prefs pane, turn on the "Show Qmaster status in menu bar" option in the advanced tab.
  Then click the Qmaster icon on the menu bar, and it will show you all active Qmaster services, and their TCP port. You would need that port open. You need to do this on every computer on the cluster.
  In your setup, are all the computers on the same subnet? Although you may be on a large network, you can rope off your systems into their own sub network, with a master firewall and avoid this type of problem. Each computer will have a different port, and that port will change every single time you start and stop the service. The TCP port will fall between 40000 and 65536 (the highest port ranges).
  So, again I recommend protecting the network which will protect all the systems universally. But try setting the TCP ports listed on all the service nodes, and remember that those will change whenever you start and stop the service. (I'm not sure if the port will change after a reboot as well.)
  Good luck

• I need helping!!! configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.

  I need helping configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.
  I have attempted to configure rdp access but it does not seem to be working for me Could I please ask someone to help me modify my current configuration to allow this? Please do step by step as I could use all the help I could get.
  I need to allow the following IP addresses to have RDP access to my server:
  66.237.238.193-66.237.238.222
  69.195.249.177-69.195.249.190
  69.65.80.240-69.65.80.249
  My external WAN server info is - 99.89.69.333
  The internal IP address of my server is - 192.168.6.2
  The other server shows up as 99.89.69.334 but is working fine.
  I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. Please take a look at my configuration file and give me the commands i need in order to put this through. Also please tell me if there are any bad/conflicting entries.
  THE FOLLOWING IS MY CONFIGURATION FILE
  Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course
  Also the bolded lines are the modifications I made but that arent working.
  ASA Version 7.2(4)
  hostname ciscoasa
  domain-name default.domain.invalid
  enable password DowJbZ7jrm5Nkm5B encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.6.254 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 99.89.69.233 255.255.255.248
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  ftp mode passive
  dns server-group DefaultDNS
  domain-name default.domain.invalid
  object-group network EMRMC
  network-object 10.1.2.0 255.255.255.0
  network-object 192.168.10.0 255.255.255.0
  network-object 192.168.11.0 255.255.255.0
  network-object 172.16.0.0 255.255.0.0
  network-object 192.168.9.0 255.255.255.0
  object-group service RDP tcp
  description RDP
  port-object eq 3389
  object-group service GMED tcp
  description GMED
  port-object eq 3390
  object-group service MarsAccess tcp
  description MarsAccess
  port-object range pcanywhere-data 5632
  object-group service MarsFTP tcp
  description MarsFTP
  port-object range ftp-data ftp
  object-group service MarsSupportAppls tcp
  description MarsSupportAppls
  port-object eq 1972
  object-group service MarsUpdatePort tcp
  description MarsUpdatePort
  port-object eq 7835
  object-group service NM1503 tcp
  description NM1503
  port-object eq 1503
  object-group service NM1720 tcp
  description NM1720
  port-object eq h323
  object-group service NM1731 tcp
  description NM1731
  port-object eq 1731
  object-group service NM389 tcp
  description NM389
  port-object eq ldap
  object-group service NM522 tcp
  description NM522
  port-object eq 522
  object-group service SSL tcp
  description SSL
  port-object eq https
  object-group service rdp tcp
  port-object eq 3389
  access-list outside_1_cryptomap extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
  access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.0.0 255.255.0.0
  access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-data
  access-list outside_access_in extended permit udp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-status
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group RDP
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ftp
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ldap
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq h323
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq telnet
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq www
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group SSL
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM522
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM1731
  access-list outside_access_in extended permit tcp 173.197.144.48 255.255.255.248 host 99.89.69.334 object-group RDP
  access-list outside_access_in extended permit tcp any interface outside eq 3389
  access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333
  access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333 object-group rdp
  access-list outside_access_in extended permit tcp any host 99.89.69.333 object-group rdp
  access-list out_in extended permit tcp any host 192.168.6.2 eq 3389
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-524.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  static (inside,outside) tcp 99.89.69.334 3389 192.168.6.1 3389 netmask 255.255.255.255
  static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
  access-group outside_access_in in interface outside
  route outside 0.0.0.0 0.0.0.0 99.89.69.338 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  http server enable
  http 192.168.6.0 255.255.255.0 inside
  http 0.0.0.0 0.0.0.0 outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer 68.156.148.5
  crypto map outside_map 1 set transform-set ESP-3DES-MD5
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 1
  lifetime 86400
  crypto isakmp policy 30
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  tunnel-group 68.156.148.5 type ipsec-l2l
  tunnel-group 68.156.148.5 ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:f47dfb2cf91833f0366ff572eafefb1d
  : end
  ciscoasa(config-network)#

  Unclear what did not work.  In your original post you include said some commands were added but don't work:
  static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
  and later you state you add another command that gets an error:
  static (inside,outside) tcp 99.89.69.333 3389 192.168.6.2 3389 netmask 255.255.255.255
  You also stated that 99.89.69.333 (actually 99.89.69.233, guessing from the rest of your config and other posts) is your WAN IP address.
  The first static statement matches Cisco's documentation, which states that a static statement must use the 'interface' directive when you are trying to do static PAT utilizing the IP address of the interface.  Since 99.89.69.333 is the assigned IP address of your WAN interface, that may explain why the second statement fails.
  Any reason why you are using static PAT (including the port number 3389) instead of just skipping that directive?  Static PAT usually makes sense when you need to change the TCP port number.  In your example, you are not changing the TCP port 3389.

• Thin JDBC through firewall - what ports need to be open?

  We are running Oracle 7.3, and Oracle Web Server on the same
  computer. The firewall is set up to allow connections to that
  computer from anywhere, on ports 80 and 1521.
  Our thin JDBC applet works perfectly from inside the firewall,
  but from outside, I get a time-out error trying to open the JDBC
  connection.
  What else needs to be done get JDBC through? Do other ports need
  to be open on the firewall?
  The JDBC FAQ mentions a "Net8 compliant" or "SQLNet certified"
  firewall - is that relevant to this problem, and if so, what does
  it really mean?
  We are supposed to be operational right now, so many many thanks
  for any help on this!
  - Joe Wielgosz
  null

  Try in the Lion Server Forum?
  Regards,
  Colin R.

• What Ports need to be opened during Exchange migration?

  Hi Team,
  I am working on a Migration project (Ex2007 to Ex2013). Same forest same domain but are in different sites.
  Please find the below details
  AD Site1 - Ex2007 Servers
  2 Mailbox Servers (CCR)
  2 (HUB+CAS) in NLB
  2 Domain Controllers 
  AD Site2 - Ex2013 Servers
  2 Multi Role Servers (MB+CAS) with DAG
  2 Domain Controllers
  We have firewall in between data centers, could some one help me out what ports are need to opened on firewalls.
  Thanks,
  Balgates
  Regards, Balgates

  808 (TCP)
  Mailbox Replication Service uses to communicate
  53 (TCP)
  DNS
  135 (TCP)
  RPC End Point
  389 (TCP)
  LDAP
  3268
  LDAP
  1024 > (TCP)
  if mailbox store is not statically configured then 1024 higher ports need to be open
  88 (TCP)
  Kerberos
  445 (TCP)
  Microsoft-DS Service
  443 (TCP)
  Mailbox Replication Proxy service uses port 443 to communicate with other Exchange 2010 client access server via HTTPS.

• What ports need to be open in a version fios Actiontec MI424WR router to share Mac files os 10.7os

  I need to share Mac Lion files over the internet through  a Verizon FIOS Actiontec MI424WR router. I don't know which ports need to be open.

  548 is AFP assuming you are sharing with another Mac

• What ports need to be open on Fw for Waas Communication--Urgent

                     Hi All,
  This product is new to need your help in configuring this. I am explaining the architecture below:-
  We have a requirement to use WAVE-594-K9 Software Release 5.3.1 and in our Manila location and it will not talk to Waas central Manager in our client location instead client has installed one same model Wave-594 in PHX.
  So now client has said it will only be used for caching contents and not for optimizing, they have some video training on web which will be passed through this wave and for making them highly/fastly available to agents they want to use this.
  We have installed one Wave in Manila in application-accelerator mode and using PBR to redirect the desired traffic via Wave. As per our client Manila Wave will talk to PHX wave and PHX wave will get registered to Waas Manager in client network.
  We have firewall between PHX wave & Manila wave, please let me know do we need to opened tcp/udp ports on FW for opening the communication between these two waves?
  and what else i need to configure on Manila wave?
  This is very urgent quick reply will be highly appreciated!!
  Thanks!!
  Bhisham

  Thanks for the quick reply Kanwal!!
  I checked with my team in PHX and we have Juniper FW in between these two Wave's, so what i understand from the links which you have shared.
  In Manila Wave i need to configure that in Directed Mode and udp port 4050 needs to be opened bi-directionally on Juniper FW between IPs configured on wave devices.
  In Manila we have 10.111.x.189 (Virtual-Blade IP) & 10.111.x.190 IPs & in PHX we 63.149.23.x & 63.149.23.x (VB) so from both IPs we required to open udp 4050 bi-directionally? Want to be sure before raising any request :-)
  In PHX wave i am not sure whether we can configure that in directed mode and if it’s not then also it will work by opening port 4050 on FW Right?
  In last our client was saying that Manila Wave will only be used as cache engine (VB is configured as content-engine) and it will download contents from PHX Wave (which is registered to CM at client side), what does it mean and do i need to do any special config on wave to achieve this?
  I am very new to this device and lot of research on net confused me a lot, please don’t mind!!
  Will wait for your reply then only i will raise request with FWteam.
  Thanks,
  Bhisham

• What ports need to be open in order to sign in with my Adobe ID?

  I keep getting an error when attempting to log in to activate Photoshop CS6 Beta.  The error says, "Please connect to the internet and retry".  I suspect my corporate firewall is to blame, but I need to know what ports I need opened in order to make my request.

  All Experiencing this issue. Please try these steps.
  Let's see what we can see here:
  1. Try going into a web browser and connecting to both of these addresses:
  https://www.adobe.com/
  https://www.acrobat.com/
  Let us know if you can get to those ok! Testing firewall functionality with Adobe.com addresses.
  After that, please let us know the results of clicking these links in succession
  2. Try going into a web browser and connecting first to
  https://ims-na1.adobelogin.com/
  and secondly to:
  https://ims-na1.adobelogin.com/status
  Let us know what you see, or if you get errors.
  It would be nice to have all responses show up here:
  http://forums.adobe.com/message/4285499#4285499
  Thanks!
  Pete

• Pixma MX922 drops off network, what ports need to be opened

  Pixma MX922 keeps dropping from my wireless network - no matter what I do to configure. Called Canon support and they were not able to resolve issue (offered to replace printer, prefer not to do this - only as last resort).
  I attempted ALL the standard items to resolve (re-install printer, drivers, make static IP (NO DHCP leasing - and my DHCP lease time on router is set to max. time of 2 weeks anyway...), made sure of no firewall issues, etc., etc.) but printer keeps doing this. Can ping the ip, etc., so I know that it exists, but UNLESS I POWER the printer OFF / ON - anything I sent to it will just sit in print queue.  Once I power it off / on - all printing is fine  - only for a few hours or next day - until it happens again...
  Somewhere on this forum another user stated that he resolved the problem by contacting Canon support and they told him specific Ports on his router that had to be opened in order to fix the issue of the printer dropping off wireless network (* he must have had a better tech than the ones I spoke with...).
  Does anyone on this forum know the ports that must be open on the router?  Possibly one or two higher number ip ports such as 1020, or 25466, etc. ?
  Thank you to anyone who may know this and provide.

  Podcasting is not streaming on content, only downloading. It is basically a blog with an attachment in the RSS feed. Only port 80 (normal web port) needs to be able to go through the firewall.

• ZLM Agent behind firewall: What ports needs to be opened?

  What ports ZLM Agent (managed device) is using when communizating the ZLM Server? And what ports ZLM Server is using when communicating to ZLM Agent? We do not have server GUI up, so Remote Management ports are not needed...
  Thanx in advance...
  -John-

  John,
  Scroll down in the list till you get the TCP Ports,
  that has the information you are looking for:
  Novell Documentation
  Rainer

• HT4814 What ports need to get opened to do this remotely?

  I looked through the list of ports commonly used here: http://support.apple.com/kb/TS1629 and forwarded what appeared to be the appropriate ports but this appears to only cover through Lion.  I wouldn't have thought much would've chaged in that dept but who knows.
  10.8.1 Server FYI

  Sorry, I should have specified.  I'm using the server app.  You can use it to manage other servers but it just times out.  I've got the following ports forwarded:
  22          SSH (will probably change at some point)
  50          IKE?
  331        Server admin
  500        VPN&IKE?
  660        Server admin
  687        Yet more admin...
  1701      L2TP
  3283      ARD
  5900      ARD/VNC
  5988      ARD (kind of older I think)
  Theres some others for sickbeard/sabnzbd etc, but those are the ones I've opened for the server. 

• What ports need to be open to allow ARD 3.x traffic to operate

  cannot ARD into Macs on a 192.168 type network.
  Clients running SL 10.6.4 with firewall completely off
  Clients running 10.5.8 with "allow all incoming connections" on
  Network admin here says this should work as "nothing is blocking it"
  TIA

  You need to open and probably forward TCP and UDP port 3283 and UDP port 5900. For encrypted file transfer (ARD 3.0), also open and forward TCP port 22. Setting up a VPN will probably be the most effective, though, if you need to control multiple Macs behind an NAT router, since you can only forward a given IP port to a single system.
  Regards.

• What ports need to be opened on my firewall?

  I've got an app that send a javamail message via our smtp server behind a firewall. The app works perfectly when the rules are completely opened up for the client. If I limit it to just port 25, it can not connect to the host. What other ports are needed to use java mail? The only port number I see in debug is 25.

  POP3 uses 110 to communicate.....
  -Dave