How to tune ACLs for IQM's proper work? |
|
|
|
Written by Максим
|
Tuesday, 06 December 2011 17:52 |
For the IQM works properly the following traffic should be permitted: Between agents (IQMA): TCP1189 (control channel) UDP - user-space range (for testing), if the opening of the full range is prohibited - you can open the pool of UDP-ports for each agent (one port per test).
From management system (IQMM) to agents (IQMA):
TCP1189 (control channel) TCP22 (SSH) (for agents administration) UDP161 (SNMP) (When you'd like to get agents information via SNMP)
From agents (IQMA) to management system (IQMM):
TCP21 (FTP) + FTP_DATA (FTP from the agents to the management system. Agents pushes collected statistics using FTP (passive mode))
From agents (IQMA) and mamagement (IQMM) to the NTP-server (NTP server can be combined with IQMM):
UDP123 (NTP) (to synchronize clocks on agents and management system)
|
Last Updated on Monday, 03 August 2015 16:08 |