Using MOM with Firewalls for Additional Security

Your IT environment might use firewalls that separate MOM computers. Depending on your topology, this separation might present an issue. Table 6 shows when using a firewall between MOM 2005 computers is supported and when it is not. The arrows indicate the direction of communication.

Table 6 - Firewall Compatibility with MOM 2005

| Connection | Firewall | Port, Protocol, or Remark |
|---|---|---|
| Management Server --> Agentless | NO | RPC port (TCP 135) and DCOM port range |
| Management Server <-- Administrator console | NO | RPC port (TCP 135) and DCOM port range |
| Management Server <-- Operator console | NO | RPC port (TCP 135) and DCOM port range |
| Management Server <-- Agent | OK | TCP/UDP port 1270 (note 1) |
| Management Server --> MOM Database | OK | OLEDB Tunneling, port 1433 (note 2) |
| Reporting Database <-- MOM Database | NO | DTS port (TCP 1433) |
| Reporting Database <-- Reporting console | OK | HTTP port 80 |
| Management Server <-- Web console | OK | TCP port 1272 |
| MMPC source --> MMPC destination | OK | TCP port 1271 |
| Management group - Management group | OK | Use MOM to MOM Product Connector |

OK - using a firewall with this connection is supported

NO - using a firewall with this connection is not supported

1 - Agent Management Tasks will not work properly without the DCOM port range being opened.

2 - User configurable.
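The following added example (not part of the original MOM documentation) encodes the directed rows of Table 6 as data and audits a topology against them, listing which firewall openings are needed and which connections cross a firewall where that is not supported. The host names, zone names, and the `audit` function are assumptions made for illustration; hosts in different zones are assumed to have a firewall between them.

```python
# Added example: Table 6 as data, applied to a constructed topology.
# Each row: (initiator role, receiver role, firewall supported?, port or remark).
# Footnote markers 1 and 2 are kept apart from the port numbers 1270 and 1433.
DCOM = "RPC port (TCP 135) and DCOM port range"
TABLE6 = [
    ("Management Server", "Agentless", False, DCOM),
    ("Administrator console", "Management Server", False, DCOM),
    ("Operator console", "Management Server", False, DCOM),
    ("Agent", "Management Server", True,
     "TCP/UDP port 1270 (agent management tasks also need the DCOM port range)"),
    ("Management Server", "MOM Database", True,
     "OLEDB tunneling, port 1433 (user configurable)"),
    ("MOM Database", "Reporting Database", False, "DTS port (TCP 1433)"),
    ("Reporting console", "Reporting Database", True, "HTTP port 80"),
    ("Web console", "Management Server", True, "TCP port 1272"),
    ("MMPC source", "MMPC destination", True, "TCP port 1271"),
]

# Constructed sample topology (hypothetical names): host -> (MOM role, zone).
HOSTS = {
    "mom-ms01": ("Management Server", "core"),
    "mom-db01": ("MOM Database", "core"),
    "rpt-db01": ("Reporting Database", "reporting"),
    "web-agent01": ("Agent", "dmz"),
    "ops-pc07": ("Operator console", "office"),
    "noagent-sw1": ("Agentless", "core"),
}

def audit(hosts, table=TABLE6):
    """Return (to_open, unsupported) for MOM connections that cross zones."""
    to_open, unsupported = [], []
    for src_role, dst_role, supported, port in table:
        for src, (s_role, s_zone) in hosts.items():
            for dst, (d_role, d_zone) in hosts.items():
                if s_role != src_role or d_role != dst_role:
                    continue
                if s_zone == d_zone:
                    continue  # no firewall between them, nothing to check
                (to_open if supported else unsupported).append((src, dst, port))
    return to_open, unsupported

if __name__ == "__main__":
    to_open, unsupported = audit(HOSTS)
    for src, dst, port in to_open:
        print(f"OPEN  {src} -> {dst}: {port}")
    for src, dst, port in unsupported:
        print(f"MOVE  {src} -> {dst}: firewall not supported ({port})")
```

Connections reported as unsupported call for placing both hosts in the same zone rather than adding a firewall rule.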

Using Active Directory through a Firewall

If your MOM Database Server is separated from your domain controller by a firewall, you must open additional ports so that the MOM Database Server can authenticate the DAS account credentials. Microsoft Support article 179442, How to Configure a Firewall for Domains and Trusts, details how to do this. For more information about well-known services and ports, see Microsoft Support article 832017, Service overview and network port requirements for the Windows Server system.