124 IBM Tivoli Remote C ontrol Across Firewalls
Since this label must be the same as the Controller Proxy, the RC Target Proxy
also knows the Controller Proxy it needs to connect to. The RC Target Proxy
then forwards the request to the RC Controller Proxy through the specified Relay
instance. When the request is received by the RC Controller Proxy, it will be
responsible for connecting to the IP address and port number of the Endpoint
Target it has just collected.
4.2.3 Firewall configuration tables
This section provides a correlation between firewall customization and the Tivoli
environment to be implemented, providing the information a firewall administrator
should need in order to configure the port s properly on all the firewalls to make
the remote control session working, for this particular scenario.
Table4-3 shows the components that w ill communicate through firewall 1 and the
ports they use in our scenario.
Table 4-3 Firewall 1 configuration table
Table4-4 shows the com ponents that will communicate through firewall 2 and the
ports they use in our scenario.
Table 4-4 Firewall 2 configuration table
Source Destination Service/
Protocol
Description/
Activity
Component Port Component Port
RC Target
Proxy
range
(4000-
4010)
Relay 7020 rcproxy /
TCP
RC Target Proxy
service
Relay 7020 RC Target
Proxy
range
(4000-
4010)
Relay /
TCP
Relay service
Source Destination Service/
Protocol
Description/
Activity
Component Port Component Port
Relay range
(4023-
4024)
Controller
Proxy
8020 Relay Relay service
Controller
Proxy
8020 Relay range
(4023-
4024)
rcproxy RC Controller
Proxy service