62 IBM Tivoli Remote Control Across Firewalls
Regarding the network communication for IBM Tivoli Remote Control, it is
important to notice that the communication pipe between the RC Proxies is
always opened and started as soon as the local RC Proxies services are started.
If a Relay is part of the architecture, the communication pipes between the RC
Proxies and the Relay are also always opened and started at the service star tup
time. The communication channels between the RC Controller and the RC
Target Proxy and between the RC Target and the RC Controller Proxy are
opened only when the remote session is star ted.
Unidirectional communication without RelayTable2-1 provides an exhaustive list of communication ports required to allow
the RC Controller to communicate with the RC Target located in another network
zone using a unidirectional communication type between the RC Proxies. In this
situation, the Parent Proxy, which is the RC Target Proxy, is the
initiator
. The
comments following the table refer to the numbered notes inside the table.
Note: The information provided in the following tables could be used to
configure the filtering rules of the firewall.
Note: The following sections mainly provide information about the Remote
Control Proxies network communication. These communications are the same
even if the Remote Control Proxy is a Standalone or a Non-Standalone
solution. However, the information provided could also help you to understand
the network communication between an Endpoint Proxy and a Gateway
Proxy, as the Proxy concept is almost the same for the both products.
Furthermore, as the Proxy configuration files are the same, you could replace
the RC Target Proxy by the Endpoint Proxy and the RC Controller Proxy by
the Gateway Proxy in the sections below. However, you will find more
information about the Endpoint Proxy/Gateway Proxy communication in the
redbook,
Tivoli Enterprise Management Across Firewalls
, SG24-5510 .
Note: In order to better explain the different ports used by IBM Tivoli Remote
Control, we assume that the RC Target Proxy is the Parent Proxy and that the
RC Controller Proxy is the Child Proxy. However, the communications ports
concept will work the same if the RC Target Proxy is installed on the Child
Proxy and the RC Controller Proxy on the Parent Proxy.