How to tune ACLs for IQM's proper work? Print
Written by Максим   
Tuesday, 06 December 2011 17:52

For the IQM works properly the following traffic should be permitted:

Between agents (IQMA):

TCP1189 (control channel)
UDP - user-space range (for testing), if the opening of the full range is prohibited - you can open the pool of UDP-ports for each agent (one port per test).

From management system (IQMM) to agents (IQMA):

TCP1189 (control channel)
TCP22 (SSH) (for agents administration)
UDP161 (SNMP) (When you'd like to get agents information via SNMP)

From agents (IQMA) to management system (IQMM):

TCP21 (FTP) + FTP_DATA (FTP from the agents to the management system. Agents pushes collected statistics using FTP (passive mode))

From agents (IQMA) and mamagement (IQMM) to the NTP-server (NTP server can be combined with IQMM):

UDP123 (NTP) (to synchronize clocks on agents and management system)

Last Updated on Monday, 03 August 2015 16:08