2.4 Prerequisites for intermediate system
2.4.1 Setting up firewall rules
Before creating connections between NetAct and Flexi Multiradio BTS LTE, open the ports that are allowed in the network element.
If the network element uses an external NTP server or an external DNS server, ensure that appropriate firewall ports (123 for NTP and 53 for DNS) are open for these services.
The default firewall rules for connecting Flexi Multiradio BTS LTE to NetAct are listed in the table below.
FTP service is disabled by default in NetAct. Enable FTP service manually. For detailed instructions on how to enable FTP service, see Starting FTP.
Source Source Port Dest. Dest. Port AL1 TL2 Service Object Description
OMS ephemeral3 NWI3 80 HTTP TCP http HTTP port used by OMS file download (hardcoded in OMS).
There is a port forwarding rule set to forward all traps coming to port 80 to port 9294.
OMS ephemeral3 NWI3 443 HTTPS TCP https HTTPS port used by OMS file download (hardcoded in OMS).
There is a port forwarding rule set to forward all traps coming to port 443 to port 9295.
OMS ephemeral3 NWI3 9294 HTTP TCP http-oms-file- HTTP forward port download used by OMS file
download
OMS ephemeral3 NWI3 9295 HTTPS TCP https-oms-file- HTTPS forward port download used by OMS file
download
OMS ephemeral3 NWI3 49152 IIOP TCP nwi3-reg- NWI3 registration service service
OMS ephemeral3 NWI3 49164 IIOP TCP nwi3-notific- NWI3 notification service service
OMS ephemeral3 NWI3 49177 IIOP TCP nwi3-topology- NWI3 topology event event-consumer consumer
OMS ephemeral3 NWI3 49179 IIOP TCP nwi3-alarm- NWI3 alarm event event-consumer consumer
OMS ephemeral3 NWI3 49192 IIOP TCP nwi3-trace- NWI3 trace event event-consumer consumer
Source Source Port Dest. Dest. Port AL1 TL2 Service Object Description OMS ephemeral3 NWI3 49300 IIOP TCP nwi3-cm-event- NWI3 CM event
notification notification
OMS ephemeral3 NWI3 49311 IIOP TCP nwi3-topology- NWI3 topology service service-callback
OMS ephemeral3 NWI3 49312 IIOP TCP nwi3-topology- NWI3 topology delete delete-callback
OMS ephemeral3 NWI3 49350 IIOP TCP nwi3-hw-agent NWI3 HW event consumer
OMS ephemeral3 NWI3 49354 IIOP TCP nwi3-audit-trail- NWI3 audit trail callback
OMS ephemeral3 NWI3 49509 IIOP TCP nwi3-license- NWI3 licence event event-consumer consumer
OMS ephemeral3 NWI3 49510 IIOP TCP nwi3-cert-agent NWI3 certificate management
OMS ephemeral3 NWI3 49530 IIOP TCP nwi3-pm-event- NWI3 pm event consumer consumer
OMS ephemeral3 NWI3 49557 IIOP TCP nwi3-sw-upload NWI3 Software Upload
OMS ephemeral3 NWI3 49558 IIOP TCP nwi3-sw- NWI3 Software download Download
OMS ephemeral3 NWI3 49559 IIOP TCP nwi3-sw- NWI3 Software change change-event- event consumer consumer
OMS ephemeral3 NWI3 49560 IIOP TCP nwi3-sw- NWI3 Software update update-event- event consumer consumer
OMS ephemeral3 NWI3 49600 IIOP TCP nwi3-audit-trail- NWI3 audit trail event event-consumer consumer
OMS ephemeral3 NWI3 49619 IIOP TCP tcp-49619 NWI3 CNUM mediator management
OMS ephemeral3 NWI3 49620 IIOP TCP nwi3-mediator- NWI3 integration callback mediator management
OMS ephemeral3 NWI3 49622 IIOP TCP nwi3-local- NWI3 user security- management callback
OMS ephemeral3 NWI3 49333 IIOP TCP nwi3-swm- NEBR download nodebackup callback agent
OMS ephemeral3 NWI3 49344 IIOP TCP nwi3-swm- NEBR upload callback nodebackup agent
OMS ephemeral3 NWI3 49561 IIOP TCP nwi3-sw-commit NWI3 Software Commit/Rollback
OMS ephemeral3 NWI3 123 NTP UDP ntp NetAct server clock time set to actual time
Integrating Flexi Multiradio BTS LTE to NetAct Preparation before integration
Source Source Port Dest. Dest. Port AL1 TL2 Service Object Description
from external NTP server
OMS Any NWI3 33749 HTTPS TCP https For software backup
OMS ephemeral3 SBI- 443 HTTP/S TCP CM NWI3 data file
CommonMediation transfer
OMS ephemeral3 SBI- 80 HTTP TCP http CM NWI3 data file
CommonMediation transfer
OMS ephemeral3 SBI- 49400 - CORBA/ TCP tcp-49400 - CM NWI3 CommonMediation 49499 IIOP 49499
OMS ephemeral3 WebSphere 49400-49499 CORBA/ TCP https For CM upload IIOP
OMS Any LB WAS virtual IP 80 HTTP TCP http HTTP
OMS Any LB WAS virtual IP 443 HTTPS TCP https HTTPS
NWI3 ephemeral3 OMS 49341 IIOP TCP nwi3-security- NWI3 Security fragment fragment
NWI3 ephemeral3 OMS 49348 IIOP TCP nwi3-swm- NWI3 SWM NEBR nodebackup
NWI3 ephemeral3 OMS 49342 IIOP TCP nwi3-license- NWI3 LM Agent mgr-agent
NWI3 ephemeral3 OMS 49351 IIOP TCP nwi3-topology- NWI3 Topology service Service
NWI3 ephemeral3 OMS 49361 IIOP TCP nwi3-pm- NWI3 PM Service service
NWI3 ephemeral3 OMS 49363 IIOP TCP nwi3-sw-agent NWI3 SW Agent
NWI3 ephemeral3 OMS 49566 IIOP TCP nwi3-adapter NWI3 Adapter
NWI3 ephemeral3 OMS 80 HTTP TCP http HTTP file transfers from OMS
NWI3 ephemeral3 OMS 443 HTTPS TCP https HTTPS file transfers from OMS
NWI3 ephemeral3 OMS 22 SSH/SFTP TCP ssh Secured shell and secured file transfer from OMS
NWI3 ephemeral3 OMS 23 TELNET TCP telnet Telnet session to OMS
NWI3 ephemeral3 MRBTS 80 HTTP TCP http HTTP file transfers from MRBTS
NWI3 ephemeral3 MRBTS 443 HTTPS TCP https HTTPS file transfers from MRBTS
WebSphere ephemeral3 OMS 49350 IIOP TCP nwi3-hw-agent NWI3 HW Agent
WebSphere ephemeral3 OMS 49357 IIOP TCP nwi3-cm-plan- NWI3 CM Plan mgmt Management
Source Source Port Dest. Dest. Port AL1 TL2 Service Object Description WebSphere ephemeral3 OMS 49367 IIOP TCP nwi3- NWI3 Measurement
measurement- Handler hndlr
WebSphere ephemeral3 OMS 49566 IIOP TCP nwi3-adapter NWI3 Adapter
WebSphere ephemeral3 OMS 49363 IIOP TCP nwi3-sw-agent NWI3 SW Agent
WebSphere ephemeral3 OMS 443 HTTPS TCP https HTTPS
WebSphere ephemeral3 OMS 80 HTTP TCP http HTTP
WebSphere ephemeral3 OMS 22 SSH TCP ssh SSH
WebSphere ephemeral3 OMS 23 TELNET TCP telnet TELNET
WebSphere Any MRBTS 33400-33600 traceroute UDP udp-36400-33600 Used for displaying the route and measuring transit delays of packet
WebSphere Any MRBTS 7-8 ICMP UDP icmp Test host reachability and measure the round-trip time for messages sent from host to destination
NodeMgr Any OMS 49568 IIOP TCP tcp-49568 OMS connection needed for EM Launch
NodeMgr any OMS 636 LDAPS TCP ldaps Application Launcher launch
NodeMgr any OMS 49152-49999 IIOP TCP ne- Ephemeral ports used applauncher- by OMS Application oms launcher internal
applications, i.e. : Measurement management, Fault management.
NodeMgr Any OMS 80 HTTP TCP http OMS HTTP Web
NodeMgr Any OMS 443 HTTPS TCP https OMS HTTP Web
NodeMgr Any OMS 500 UDP UDP IPsec IKE negotiation
NodeMgr Any MRBTS 6000-6001 X-Window TCP x-window For btssitemanager launch
NodeMgr Any MRBTS 443 HTTPS TCP https Secured HTTP collection to MRBTS
NodeMgr Any MRBTS 12000 IIOP TCP entextxid SEM-FTM connection
ALL_NE ephemeral3 LB WAS virtual IP 636 LDAPS TCP ldap This port needs to be open for any NE that is being configured for CNUM.
Integrating Flexi Multiradio BTS LTE to NetAct Preparation before integration
Source Source Port Dest. Dest. Port AL1 TL2 Service Object Description
ALL_NE ephemeral3 LB WAS virtual IP 389 LDAP TCP ldap LDAP port used by any NE that is configured for CNUM.
ALL_NE Any DNS and LDAP 22 SSH TCP ssh SSH Daemon used for NE to NetAct communications
ALL_NE Any DNS and LDAP 53 DNS TCP/UDP dns DNS Server used for NE to NetAct communications
LB WAS virtual IP Any OMS 80 HTTP TCP http HTTP
LB WAS virtual IP Any OMS 443 HTTPS TCP https HTTPS
SBI- ephemeral3 OMS 443 HTTP/S TCP https CM NWI3 data file
CommonMediation transfer
SBI- ephemeral3 OMS 80 HTTP TCP http CM NWI3 data file
CommonMediation transfer
Table 16: Firewall rules for Flexi Multiradio BTS LTE
1 2 3
Application Layer
Transport Layer
If the source port is ephemeral, select a port from the NetAct port pool of the IP stack. To determine which range of ports can be used, contact your system administrator.
Node object name
OMS MRBTS SBI-CommonMediation NWI3 NodeMgr WebSphere, WAS VM DNS and LDAP LB WAS virtual IP ALL_NE
Table 17: Node descriptions
Description
Host address of OMS North Bound Interface for LTE Host address of Base Transceiver Station (BTS) for LTE
Virtual address of the node where the common_mediations service is running in NetAct
Virtual address of the node where the NWI3 service is running in NetAct Virtual address of the Node Manager Server in NetAct
Virtual address of the node where the WAS service is running in NetAct Virtual address of the node where DNS and LDAP dirsrv services are running in NetAct
Virtual IP address of the WAS load balancer component All NE types