What ports need to be open to control Lion Server from a remote location (through Server.app)?
I need to control a Lion Server from a remote location and need to poke some holes in the firewall, unfortunately, I have no idea what ports those need to be. I can control the Server via the Server Admin application, but it will simply not connect via the Server.app.
Suggestions?
Thanks in advance.
Marius
Try in the Lion Server Forum?
Regards,
Colin R.
Similar Messages
-
What ports need to be opened for Podcasting?
To all,
I am a little lost. We have a server which is inside our firewall. What we're trying to do is to use this server as a test bed for podcasting. Our network admin is going to set it up so that it's behind the firewall but we can still access the content from home or anywhere. Now my question. The admin has asked us what ports need to be opened for podcasting. We have no idea. Is this something we need to setup on the server we are using or is there something else.
FYI - We are using a Windows NT server...I know, I know, I need to upgrade.
Any help is greatly appreciated. Thank you in advance.
zanm
Other OS windows NT serverPodcasting is not streaming on content, only downloading. It is basically a blog with an attachment in the RSS feed. Only port 80 (normal web port) needs to be able to go through the firewall.
-
What ports need to be open?
I'm setting up my fmis to deliver video through rtmp and http.
I'm on a locked down network.
What ports need to be open to allow people outside of the network to access the rtmp/http streams?
I am correct to say only port 80 and 1935?Yes... 80 and 1935 is what you need for RTMP connections and proxied HTTP downloads. If you want to use RTMPS, you should also open 443.
If you want to be able to use the admin service and admin console, you'll also want to open 1111 -
What ports need to be opened from apple's firewall?
I googled that qmaster uses port 10012 tcp&udp, but what ports need to be open for Qadministrator and Batch Monitor?
They didn't seem to work just with 10012.
Is there any documents about this from apple?
Idea of just leaving firewall off sounds like Microsoft in te 90s'.
And even they have made an interactive firewall that asks you to open a port when some application tries to use it.
Well, these fcp applications are sooo PRO...On the Qmaster system prefs pane, turn on the "Show Qmaster status in menu bar" option in the advanced tab.
Then click the Qmaster icon on the menu bar, and it will show you all active Qmaster services, and their TCP port. You would need that port open. You need to do this on every computer on the cluster.
In your setup, are all the computers on the same subnet? Although you may be on a large network, you can rope off your systems into their own sub network, with a master firewall and avoid this type of problem. Each computer will have a different port, and that port will change every single time you start and stop the service. The TCP port will fall between 40000 and 65536 (the highest port ranges).
So, again I recommend protecting the network which will protect all the systems universally. But try setting the TCP ports listed on all the service nodes, and remember that those will change whenever you start and stop the service. (I'm not sure if the port will change after a reboot as well.)
Good luck -
I need helping configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.
I have attempted to configure rdp access but it does not seem to be working for me Could I please ask someone to help me modify my current configuration to allow this? Please do step by step as I could use all the help I could get.
I need to allow the following IP addresses to have RDP access to my server:
66.237.238.193-66.237.238.222
69.195.249.177-69.195.249.190
69.65.80.240-69.65.80.249
My external WAN server info is - 99.89.69.333
The internal IP address of my server is - 192.168.6.2
The other server shows up as 99.89.69.334 but is working fine.
I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. Please take a look at my configuration file and give me the commands i need in order to put this through. Also please tell me if there are any bad/conflicting entries.
THE FOLLOWING IS MY CONFIGURATION FILE
Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course
Also the bolded lines are the modifications I made but that arent working.
ASA Version 7.2(4)
hostname ciscoasa
domain-name default.domain.invalid
enable password DowJbZ7jrm5Nkm5B encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.6.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 99.89.69.233 255.255.255.248
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group network EMRMC
network-object 10.1.2.0 255.255.255.0
network-object 192.168.10.0 255.255.255.0
network-object 192.168.11.0 255.255.255.0
network-object 172.16.0.0 255.255.0.0
network-object 192.168.9.0 255.255.255.0
object-group service RDP tcp
description RDP
port-object eq 3389
object-group service GMED tcp
description GMED
port-object eq 3390
object-group service MarsAccess tcp
description MarsAccess
port-object range pcanywhere-data 5632
object-group service MarsFTP tcp
description MarsFTP
port-object range ftp-data ftp
object-group service MarsSupportAppls tcp
description MarsSupportAppls
port-object eq 1972
object-group service MarsUpdatePort tcp
description MarsUpdatePort
port-object eq 7835
object-group service NM1503 tcp
description NM1503
port-object eq 1503
object-group service NM1720 tcp
description NM1720
port-object eq h323
object-group service NM1731 tcp
description NM1731
port-object eq 1731
object-group service NM389 tcp
description NM389
port-object eq ldap
object-group service NM522 tcp
description NM522
port-object eq 522
object-group service SSL tcp
description SSL
port-object eq https
object-group service rdp tcp
port-object eq 3389
access-list outside_1_cryptomap extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-data
access-list outside_access_in extended permit udp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-status
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ftp
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ldap
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq h323
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq telnet
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq www
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group SSL
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM522
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM1731
access-list outside_access_in extended permit tcp 173.197.144.48 255.255.255.248 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp any interface outside eq 3389
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333 object-group rdp
access-list outside_access_in extended permit tcp any host 99.89.69.333 object-group rdp
access-list out_in extended permit tcp any host 192.168.6.2 eq 3389
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 99.89.69.334 3389 192.168.6.1 3389 netmask 255.255.255.255
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 99.89.69.338 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.6.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 68.156.148.5
crypto map outside_map 1 set transform-set ESP-3DES-MD5
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
tunnel-group 68.156.148.5 type ipsec-l2l
tunnel-group 68.156.148.5 ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:f47dfb2cf91833f0366ff572eafefb1d
: end
ciscoasa(config-network)#Unclear what did not work. In your original post you include said some commands were added but don't work:
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
and later you state you add another command that gets an error:
static (inside,outside) tcp 99.89.69.333 3389 192.168.6.2 3389 netmask 255.255.255.255
You also stated that 99.89.69.333 (actually 99.89.69.233, guessing from the rest of your config and other posts) is your WAN IP address.
The first static statement matches Cisco's documentation, which states that a static statement must use the 'interface' directive when you are trying to do static PAT utilizing the IP address of the interface. Since 99.89.69.333 is the assigned IP address of your WAN interface, that may explain why the second statement fails.
Any reason why you are using static PAT (including the port number 3389) instead of just skipping that directive? Static PAT usually makes sense when you need to change the TCP port number. In your example, you are not changing the TCP port 3389. -
Thin JDBC through firewall - what ports need to be open?
We are running Oracle 7.3, and Oracle Web Server on the same
computer. The firewall is set up to allow connections to that
computer from anywhere, on ports 80 and 1521.
Our thin JDBC applet works perfectly from inside the firewall,
but from outside, I get a time-out error trying to open the JDBC
connection.
What else needs to be done get JDBC through? Do other ports need
to be open on the firewall?
The JDBC FAQ mentions a "Net8 compliant" or "SQLNet certified"
firewall - is that relevant to this problem, and if so, what does
it really mean?
We are supposed to be operational right now, so many many thanks
for any help on this!
- Joe Wielgosz
nullTry in the Lion Server Forum?
Regards,
Colin R. -
What Ports need to be opened during Exchange migration?
Hi Team,
I am working on a Migration project (Ex2007 to Ex2013). Same forest same domain but are in different sites.
Please find the below details
AD Site1 - Ex2007 Servers
2 Mailbox Servers (CCR)
2 (HUB+CAS) in NLB
2 Domain Controllers
AD Site2 - Ex2013 Servers
2 Multi Role Servers (MB+CAS) with DAG
2 Domain Controllers
We have firewall in between data centers, could some one help me out what ports are need to opened on firewalls.
Thanks,
Balgates
Regards, Balgates808 (TCP)
Mailbox Replication Service uses to communicate
53 (TCP)
DNS
135 (TCP)
RPC End Point
389 (TCP)
LDAP
3268
LDAP
1024 > (TCP)
if mailbox store is not statically configured then 1024 higher ports need to be open
88 (TCP)
Kerberos
445 (TCP)
Microsoft-DS Service
443 (TCP)
Mailbox Replication Proxy service uses port 443 to communicate with other Exchange 2010 client access server via HTTPS. -
I need to share Mac Lion files over the internet through a Verizon FIOS Actiontec MI424WR router. I don't know which ports need to be open.
548 is AFP assuming you are sharing with another Mac
-
What ports need to be open on Fw for Waas Communication--Urgent
Hi All,
This product is new to need your help in configuring this. I am explaining the architecture below:-
We have a requirement to use WAVE-594-K9 Software Release 5.3.1 and in our Manila location and it will not talk to Waas central Manager in our client location instead client has installed one same model Wave-594 in PHX.
So now client has said it will only be used for caching contents and not for optimizing, they have some video training on web which will be passed through this wave and for making them highly/fastly available to agents they want to use this.
We have installed one Wave in Manila in application-accelerator mode and using PBR to redirect the desired traffic via Wave. As per our client Manila Wave will talk to PHX wave and PHX wave will get registered to Waas Manager in client network.
We have firewall between PHX wave & Manila wave, please let me know do we need to opened tcp/udp ports on FW for opening the communication between these two waves?
and what else i need to configure on Manila wave?
This is very urgent quick reply will be highly appreciated!!
Thanks!!
BhishamThanks for the quick reply Kanwal!!
I checked with my team in PHX and we have Juniper FW in between these two Wave's, so what i understand from the links which you have shared.
In Manila Wave i need to configure that in Directed Mode and udp port 4050 needs to be opened bi-directionally on Juniper FW between IPs configured on wave devices.
In Manila we have 10.111.x.189 (Virtual-Blade IP) & 10.111.x.190 IPs & in PHX we 63.149.23.x & 63.149.23.x (VB) so from both IPs we required to open udp 4050 bi-directionally? Want to be sure before raising any request :-)
In PHX wave i am not sure whether we can configure that in directed mode and if it’s not then also it will work by opening port 4050 on FW Right?
In last our client was saying that Manila Wave will only be used as cache engine (VB is configured as content-engine) and it will download contents from PHX Wave (which is registered to CM at client side), what does it mean and do i need to do any special config on wave to achieve this?
I am very new to this device and lot of research on net confused me a lot, please don’t mind!!
Will wait for your reply then only i will raise request with FWteam.
Thanks,
Bhisham -
What ports need to be open in order to sign in with my Adobe ID?
I keep getting an error when attempting to log in to activate Photoshop CS6 Beta. The error says, "Please connect to the internet and retry". I suspect my corporate firewall is to blame, but I need to know what ports I need opened in order to make my request.
All Experiencing this issue. Please try these steps.
Let's see what we can see here:
1. Try going into a web browser and connecting to both of these addresses:
https://www.adobe.com/
https://www.acrobat.com/
Let us know if you can get to those ok! Testing firewall functionality with Adobe.com addresses.
After that, please let us know the results of clicking these links in succession
2. Try going into a web browser and connecting first to
https://ims-na1.adobelogin.com/
and secondly to:
https://ims-na1.adobelogin.com/status
Let us know what you see, or if you get errors.
It would be nice to have all responses show up here:
http://forums.adobe.com/message/4285499#4285499
Thanks!
Pete -
Pixma MX922 drops off network, what ports need to be opened
Pixma MX922 keeps dropping from my wireless network - no matter what I do to configure. Called Canon support and they were not able to resolve issue (offered to replace printer, prefer not to do this - only as last resort).
I attempted ALL the standard items to resolve (re-install printer, drivers, make static IP (NO DHCP leasing - and my DHCP lease time on router is set to max. time of 2 weeks anyway...), made sure of no firewall issues, etc., etc.) but printer keeps doing this. Can ping the ip, etc., so I know that it exists, but UNLESS I POWER the printer OFF / ON - anything I sent to it will just sit in print queue. Once I power it off / on - all printing is fine - only for a few hours or next day - until it happens again...
Somewhere on this forum another user stated that he resolved the problem by contacting Canon support and they told him specific Ports on his router that had to be opened in order to fix the issue of the printer dropping off wireless network (* he must have had a better tech than the ones I spoke with...).
Does anyone on this forum know the ports that must be open on the router? Possibly one or two higher number ip ports such as 1020, or 25466, etc. ?
Thank you to anyone who may know this and provide.Podcasting is not streaming on content, only downloading. It is basically a blog with an attachment in the RSS feed. Only port 80 (normal web port) needs to be able to go through the firewall.
-
ZLM Agent behind firewall: What ports needs to be opened?
What ports ZLM Agent (managed device) is using when communizating the ZLM Server? And what ports ZLM Server is using when communicating to ZLM Agent? We do not have server GUI up, so Remote Management ports are not needed...
Thanx in advance...
-John-John,
Scroll down in the list till you get the TCP Ports,
that has the information you are looking for:
Novell Documentation
Rainer -
HT4814 What ports need to get opened to do this remotely?
I looked through the list of ports commonly used here: http://support.apple.com/kb/TS1629 and forwarded what appeared to be the appropriate ports but this appears to only cover through Lion. I wouldn't have thought much would've chaged in that dept but who knows.
10.8.1 Server FYISorry, I should have specified. I'm using the server app. You can use it to manage other servers but it just times out. I've got the following ports forwarded:
22 SSH (will probably change at some point)
50 IKE?
331 Server admin
500 VPN&IKE?
660 Server admin
687 Yet more admin...
1701 L2TP
3283 ARD
5900 ARD/VNC
5988 ARD (kind of older I think)
Theres some others for sickbeard/sabnzbd etc, but those are the ones I've opened for the server. -
What ports need to be open to allow ARD 3.x traffic to operate
cannot ARD into Macs on a 192.168 type network.
Clients running SL 10.6.4 with firewall completely off
Clients running 10.5.8 with "allow all incoming connections" on
Network admin here says this should work as "nothing is blocking it"
TIAYou need to open and probably forward TCP and UDP port 3283 and UDP port 5900. For encrypted file transfer (ARD 3.0), also open and forward TCP port 22. Setting up a VPN will probably be the most effective, though, if you need to control multiple Macs behind an NAT router, since you can only forward a given IP port to a single system.
Regards. -
What ports need to be opened on my firewall?
I've got an app that send a javamail message via our smtp server behind a firewall. The app works perfectly when the rules are completely opened up for the client. If I limit it to just port 25, it can not connect to the host. What other ports are needed to use java mail? The only port number I see in debug is 25.
POP3 uses 110 to communicate.....
-Dave
Maybe you are looking for
-
G/L account determination through material account assignment group
Hi , I would really appreciate any help on this . The scenario is . We changed the account assignment group of maetrial to 01 just 2 days back. We have old open sales order line up for this particular material . When I am trying to Bill these
-
My AC Power Cord is not working! What should I do?
I realised that my Macbook Pro was not charging today, so I tried to reset my SMU and PRAM. It didn't work. I took out the AC Power Cord and used the 60W MagSafe Power Adapter instead (I attached the AC Power Cord to the adapter to increase the lengt
-
what are the steps to connect 2 FI 6248UP to a brocade dcx switch? I have a total of 6 FC Ports shown but they are configured as uplink ports. Should they be FC storage ports instead? I am not sure I need all 6 links to the dcx switch, so maybe 4 on
-
Trying to help a friend read a .docx or .txt using an iphone4
I'm chatting with someone online and she can't view a .docx of .txt file on her iphone 4. She says she gets a blank page. I'm using a iphone version 6.1 and can open both easily. Any ideas?
-
hi all, could u pls help me out? in my hr-abap spec given like the report can be run for any date range up to 7 days.... that means the difference between begin date and enddate should be 7. how can i restrict the user that he only the selected date