HP

HP System Management Homepage

English
  Getting Started  |  Configuring Firewall Settings   

Configuring Firewall Settings

»Table of Contents
»Index
»Product Overview
»Getting Started
»Logging In
Configuring Firewall Settings
»Configuring Timeout Settings
»Automatically Importing Certificates
»Logging Out
»Navigating the Software
»The Home Page
»The Settings Page
»The Tasks Page
»The Tools Page
»The Logs Page
»Troubleshooting
»Legal Notices
»Printable version
»Glossary
»Using Help
» Windows
» Linux
» Related Topics

Windows

Some operating systems, including Windows XP with Service Pack 2 and Windows Server 2003 SBS, implement a firewall that prevents browsers from accessing the ports required for the Version Control Repository Manager access. To resolve this issue, you must configure the firewall with exceptions to allow browsers to access the ports used by HP Systems Insight Manager and Version Control Repository Manager.

For Windows XP with Service Pack 2, this configuration leaves the default SP2 security enhancements intact, but allows traffic over the ports. These ports are required for the Version Control Repository Manager to run. The secure and insecure ports must be added to enable proper communication with your browser.

To configure the firewall:

  1. Select StartSettings Control Panel.

  2. Double-click Windows Firewall to configure the firewall settings.

  3. Select Exceptions.

  4. Click [Add Port].

    You must enter the product name and the port number.

    Add the following exceptions to the firewall protection:

    ProductPort Number
    HP SMH Insecure Port:2301
    HP SMH Secure Port:2381

  5. Click [OK] to save your settings and close the Add a Port dialog box.

  6. Click [OK] to save your settings and close the Windows Firewall dialog box.

Linux

Firewalls are configurable various ways depending on the version of Linux installed.

Red Hat Enterprise Linux 4 and 5

The following list displays an example of iptables firewall rules for Red Hat Enterprise Linux 4 and 5 in the /etc/sysconfig/iptables file:

# Firewall configuration written by redhat-config-securitylevel

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT

-A FORWARD -j RH-Firewall-1-INPUT

-A RH-Firewall-1-INPUT -i lo -j ACCEPT

-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT

-A RH-Firewall-1-INPUT -p 50 -j ACCEPT

-A RH-Firewall-1-INPUT -p 51 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

COMMIT

The following list displays the new value in the iptables firewall rules for Red Hat Enterprise Linux 4 and 5 that allows access to HP SMH in the /etc/sysconfig/iptables file:

# Firewall configuration written by redhat-config-securitylevel

# Manual customization of this file is not recommended.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [0:0]

:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT

-A FORWARD -j RH-Firewall-1-INPUT

-A RH-Firewall-1-INPUT -i lo -j ACCEPT

-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT

-A RH-Firewall-1-INPUT -p 50 -j ACCEPT

-A RH-Firewall-1-INPUT -p 51 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2301 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2381 -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

COMMIT

SUSE Linux Enterprise Server

SUSE Linux Enterprise Server 9 and 10 firewalls are configured using the YAST2 utility.

To configure the firewall:

  1. Using the YAST2 utility, select Security & UsersFirewall. The Firewall Configuration (Step 1 of 4): Basic Settings window appears.

  2. Click [Next]. The Firewall Configuration (Step 2 of 4): Services window appears.

  3. In the Additional Services field, enter 2301:2381 and click [Next]. The Firewall Configuration (Step 3 of 4): Features window appears.

  4. Click [Next]. The Firewall Configuration (Step 4 of 4): Logging Options window appears.

  5. Click [Next]. A dialog box displays asking you to confirm your intention to save settings and active firewall.

  6. Click [Continue]. The firewall is configured and your settings are saved.

Related Topics

» HP System Management Homepage - Getting Started
» Getting Started - Logging In
» Getting Started - Automatically Importing Certificates
» Getting Started - Logging Out
» Navigating the Software - HP SMH Pages