Configuring firewall settings for outbound (static) ports
If your network uses a firewall or other security mechanism that requires static ports for communication, then you must specify the ports that other computers can use to communicate with Access Server services.
About this task
The configuration of firewall settings is not available when Access Server is configured in LDAP CHCCLP with embedded Access Server mode.
If your network uses a firewall or other security mechanism that requires static ports for communication, then you must specify the ports that other computers can use to communicate with Access Server services.
Each instance of client, where the client is Management Console or CHCCLP, requires the following number of ports:
- Two input and output ports to Access Server.
- One input and output port for each datastore (regardless of whether or not you connect to the datastore).
To calculate this set of ports from all clients, use the following formula:
(number of clients * 2) + (number of clients * number of datastores)
Each datastore that any of your clients connect to through Access Server, requires the following number of ports:
- One input and output port per instance of client.
- Two input and output ports per datastore (shared across all client instances).
To calculate the set of ports from Access Server, use the following formula:
(number of clients * number of datastores) + (number of datastores * 2)
Therefore, the complete set of ports to open
is shown in the following formula:
local_port_count = (number of clients * 2) + (number of clients * number of datastores) + (number of clients * number of datastores) + (number of datastores * 2)
All connections are initiated from Management Console to Access Server, and Access Server to the datastores. You must configure your routers and firewalls to allow communication through the configured ports. For more information, contact your network administrator.
Procedure
Example: calculating ports required
To help determine the number of ports required, take a scenario where there are ten concurrent clients and three datastores. To calculate the number of ports to open using the following formula:
local_port_count = (number of clients * 2) + (number of clients * number of datastores) + (number of clients * number of datastores) + (number of datastores * 2)
The number of port required will be the total of the following calculation: 10 * 2 + 10 * 3 + 10 * 3 + 3 * 2 = 86
You will require 86 ports.