Send documentation comments to mdsfeedback-doc@cisco.com.
1-12
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
Chapter 1 Installation and Configuration
Running Fabric Manager Behind a Firewall

Running Fabric Manager Behind a Firewall

For Windows PCs running Fabric Manager, Device Manager, and Performance Manager behind a
firewall, certain ports need to be available.
By default, Fabric Manager client component and Device Manager use the first available UDP port for
receiving SNMP responses. The UDP SNMP Trap local ports are (1162 for Fabric Manager, and 1163
or 1164 for Device Manager). Fabric Manager Client also opens TCP RMI port 9099. If Device Manager
is opened from the Fabric Manager client, it listens on the first available UDP port for Fabric Manager
requests.
In Fabric Manager Release 2.1(2) or later, you can select the UDP port that Fabric Manager client or
Device Manager uses for SNMP responses by uncommenting the following statement:
On a Windows desktop, uncomment the following:
rem JVMARGS=%JVMARGS% -Dsnmp.localport=9001
On a UNIX desktop, uncomment the following:
# JVMARGS=$JVMARGS -Dsnmp.localport=9001
Note UDP port 161 on the firewall must be open for incoming traffic. If the firewall blocks outgoing responses
from snmp, then you can control which local ports DM or FM should open.
The Fabric Manager Server proxy services feature, available in Cisco MDS SAN-OS Release 2.1(1a) or
later, uses a configurable TCP port (9189 by default) for SNMP communications between the Fabric
Manager client or Device Manager and Fabric Manager Server.
The Fabric Manager server component requires two predictable TCP ports to be opened on the firewall
for an incoming connection:
java.rmi.registry.port = 9099
java.rmi.server.remoteObjectPort = 9199
As long as these two ports are opened, the Fabric Manager client can connect to the server. There may
be other TCP ports connected to Fabric Manager Client, but they are initiated by the server, which is
behind the firewall.
Below is a list of all ports used by the Fabric Manager applications:
Common to all applications
SSH 22 (TCP)
TELNET 23 (TCP)
HTTP 80 (TCP)
TFTP 69 (UDP)
SYSLOG 514 (UDP)
Fabric Manager Server and Performance Manager
SNMP_TRAP 2162 (UDP)
SNMP picks a random free local port (UDP) - (can be changed in server.properties)
���Java RMI 9099, 9199 to 9299 (TCP)
Fabric Manager Client