dbeckner
Level 8

FNMS Multi-Server Ports Configuration

Jump to solution

I am preparing for a multi-server customer installation.  The setup will be as follows:

Web Server

App Server (Batch/Inventory)

Beacon Server

DB Server

I am looking for information on the port configurations needed for each of these servers. I have a table put together with the list of the ports but im unsure of the directionality of the port configs.

0 Kudos
3 Solutions
mfranz
Level 15

Hi,

Does this help? Arrows show typical communication directions. So for example you'll have to open ports to allow access from the Web Server and App Server to the Database Server.

Ports.png

Best regards,

Markward

Softline Group is Europe's leading independent expert in Software Asset Management.

View solution in original post

I suggest you check what each of them does. It really depends on what you're planning to do with FNMS. I guess most of them are used for some kind of discovery and iventory (by the Beacon Server). Therefore they'll need to be opend on the respective targets or targeted subnets. Before openening countless holes in your firewalls, you should check your specific use cases.

Softline Group is Europe's leading independent expert in Software Asset Management.

View solution in original post

0 Kudos
ChrisG
Community Manager Community Manager
Community Manager

Some further information about ports used to and from beacon servers can also be found on the following online help pages:

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

View solution in original post

7 Replies
mfranz
Level 15

Hi,

Does this help? Arrows show typical communication directions. So for example you'll have to open ports to allow access from the Web Server and App Server to the Database Server.

Ports.png

Best regards,

Markward

Softline Group is Europe's leading independent expert in Software Asset Management.

View solution in original post

@mfranz Yes thank you that is helpful. I'm also looking for the following ports --

 

135, 389, 1801, 2101, 2103, 2105, 3527 (MSMQ)

139, 445 (SMB)

137, 161 (NetBios and SNMP Discovery)

 

Which servers will use them and whether it will be bi-directional or uni-directional.

0 Kudos

I suggest you check what each of them does. It really depends on what you're planning to do with FNMS. I guess most of them are used for some kind of discovery and iventory (by the Beacon Server). Therefore they'll need to be opend on the respective targets or targeted subnets. Before openening countless holes in your firewalls, you should check your specific use cases.

Softline Group is Europe's leading independent expert in Software Asset Management.

View solution in original post

0 Kudos

Understood. That makes sense. Thanks for the insight! @mfranz 

0 Kudos
ChrisG
Community Manager Community Manager
Community Manager

Some further information about ports used to and from beacon servers can also be found on the following online help pages:

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

View solution in original post

Hi @dbeckner ,

For one of uploads and other features in Business data inputs to work as it should the MSMQ communication should be enabled Bidirectional in multi server setup.

1801, 2101, 2103, 2105, 3527 (MSMQ)

Batch server <-----------> Web application server.

I faced an issue recently and there is no clue anywhere in the Flexera Documentation/KB regarding this and only after enabling the MSMQ Bidirectional communication the one off upload is working without issues.

Hope this help

Hi Markward,

On your nice picture, between the App Server and the Web Server, I'm indeed missing the IP ports for Microsoft Message Queuing (MSMQ).

In case you have more than one FNMS application server, these IP ports need to be open between all application servers as described in the "Installing fNMS on Premises" document on Page 15.

Additional ports specifically between the Beacon(s) and target systems twill indeed depend on the tasks executed from the Beacon. Examples would be remote scanning of Oracle databases (requires an Oracle IP port like 1521) or connecting inventory data from an IBM ILMT database running on DB2 (requires the IP port the DB2 database is running on to be open).

SMB IP ports (139, 445) will generally be required to be open between the Beacon(s) and their targets for remote ("Zero Touch") execution of Flexera Windows agents. IP Port 22 (SSH) needs to be open for running similar tasks non-Windows target computers.