VMware View 4.x: ports used and firewall settings.
26/04/2011
Many administrators who manage the VMware View enterprise desktop virtualization solution may find tables of the ports used by the various View components useful. The tables were prepared by Christoph Harding, a VMware employee and author of the blog That's my View, based on the following documents:
Perimeter Firewall Rules (rules between the external View client and the Security Server)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<EXTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<SECURITYSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Security Server | Optional |
| `<EXTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<SECURITYSERVER>` | TCP | 443 | HTTPS | Communication between View Client and View Security Server. Authentication etc. | Mandatory |
| `<EXTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<SECURITYSERVER>` | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| `<EXTERNALCLIENT>` | `<CLIENTPORT>` | Both | `<SECURITYSERVER>` | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
DMZ Firewall Rules (rules between the Security Server and the Connection Server in the demilitarized zone)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Transfer Server | HTTPS preferred |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 443 | HTTPS | Communication with Transfer Server for the Offline Usage of VDIs | |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Both | `<VIEWAGENT>` | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 3389 | RDP | Remote Desktop Protocol | Optional |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 32111 | | USB-Redirection | Optional |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 9427 | | Multi Media Redirection, RDP-Connections only | Optional |
Connection Server Rules (rules between the Connection Server and the Active Directory server)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<ACTIVEDIRECTORYSERVER>` | TCP | 389 | LDAP | Active Directory Authentication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<ACTIVEDIRECTORYSERVER>` | UDP | 389 | LDAP | Active Directory Authentication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 4100 | JMSIR | Inter-Server Communication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 389 | LDAP | ADAM | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 636 | LDAPS | AD LDS | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 1515 | | Microsoft Endpoint Mapper | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<TRANSFERSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<TRANSFERSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Transfer Server | HTTPS preferred |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<TRANSFERSERVER>` | TCP | 443 | HTTPS | Communication with Transfer Server for the Offline Usage of VDIs | |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<TRANSFERSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<TRANSFERSERVER>` | TCP | 4100 | JMSIR | Inter-Server Communication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<TRANSFERSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<VCENTERSERVER>` | TCP | 18443 | SOAP | View Composer Communication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<VCENTERSERVER>` | TCP | 443 | HTTPS | vCenter Communication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Both | `<VIEWAGENT>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Outbound | `<RSASERVER>` | UDP | 5500 | | RSA SecurID Authentication | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Outbound | `<CONNECTIONSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Connection Server | HTTPS preferred |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Outbound | `<CONNECTIONSERVER>` | TCP | 443 | SSL | Communication between View Client and View Connection Server. Authentication etc. | |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
Transfer Server Rules (rules for Transfer Server communication with clients and the Security and Connection servers)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Transfer Server | HTTPS preferred |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 443 | HTTPS | Communication with Transfer Server for the Offline Usage of VDIs | |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Transfer Server | HTTPS preferred |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 443 | HTTPS | Communication with Transfer Server for the Offline Usage of VDIs | |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 4100 | JMSIR | Inter-Server Communication | Mandatory |
| `<SECURITYSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 4100 | JMSIR | Inter-Server Communication | Mandatory |
| `<CONNECTIONSERVER>` | `<CLIENTPORT>` | Inbound | `<TRANSFERSERVER>` | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| `<TRANSFERSERVER>` | `<CLIENTPORT>` | Outbound | `<VSPHEREHOST>` | TCP | 902 | | Used if SSL/HTTPS is not used on the Connection Server | Mandatory |
View Agent Rules (communication of the View Agent in the guest OS with the client and the Connection Server)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 3389 | RDP | Remote Desktop Protocol | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Both | `<VIEWAGENT>` | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 9472 | | Multi Media Redirection, RDP-Connections only | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 32111 | | USB-Redirection | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 42966 | HP RGS | HP Remote Graphics Server | Optional |
| `<VIEWAGENT>` | `<CLIENTPORT>` | Outbound | `<CONNECTIONSERVER>` | TCP | 4001 | JMS | Java Messaging | Mandatory |
View Client Rules Int (rules for an internal View client without a Security Server)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 3389 | RDP | Remote Desktop Protocol | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Both | `<VIEWAGENT>` | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 9472 | | Multi Media Redirection, RDP-Connections only | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 32111 | | USB-Redirection | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<VIEWAGENT>` | TCP | 42966 | HP RGS | HP Remote Graphics Server | Optional |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 80 | HTTP | | HTTPS preferred |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 443 | HTTPS | | |
View Client Rules Ext (rules for an external View client working through a Security Server)

| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| `<EXTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 80 | HTTP | | HTTPS preferred |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 443 | HTTPS | | |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Both | `<CONNECTIONSERVER>` | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| `<INTERNALCLIENT>` | `<CLIENTPORT>` | Inbound | `<CONNECTIONSERVER>` | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
HTTP and HTTPS traffic can be proxied at the application level. Any other traffic can be proxied through a transparent TCP/UDP proxy.
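
As an added example (not part of the original post or of VMware's documentation), the script below audits a firewall rule export against the Perimeter Firewall Rules table: it reports mandatory flows that external clients cannot reach, whether the optional HTTP port is open, and internal-only ports from the DMZ and Connection Server tables that are reachable from outside, including through a wide port range. The one-line rule format and the sample export are assumptions constructed for illustration.

```python
# Added example; the "allow <proto> <src> <dst> <port|lo-hi>" export format is hypothetical.
# Flows the Perimeter Firewall Rules table lists for external client -> Security Server.
PERIMETER = {("tcp", 443): "Mandatory", ("tcp", 4172): "Mandatory",
             ("udp", 4172): "Mandatory", ("tcp", 80): "Optional"}
# Ports the DMZ and Connection Server tables list for internal legs only.
INTERNAL_ONLY = {("tcp", 8009): "AJP13", ("tcp", 4001): "JMS", ("tcp", 4100): "JMSIR",
                 ("tcp", 3389): "RDP", ("tcp", 389): "LDAP", ("tcp", 636): "LDAPS"}

def parse_rule(line):
    """Return (proto, src, dst, lo, hi) for an allow rule, or None for anything else."""
    parts = line.split("#")[0].split()
    if len(parts) != 5 or parts[0].lower() != "allow":
        return None
    _, proto, src, dst, ports = parts
    lo, _, hi = ports.partition("-")
    return proto.lower(), src, dst, int(lo), int(hi or lo)

def audit(export, server="SECURITYSERVER"):
    """Check what any source may reach on the Security Server against the table."""
    rules = [r for r in map(parse_rule, export.splitlines())
             if r and r[1] == "any" and r[2] == server]

    def covered(proto, port):
        return any(p == proto and lo <= port <= hi for p, _, _, lo, hi in rules)

    unlisted = []  # rules admitting at least one port the perimeter table does not list
    for p, _, _, lo, hi in rules:
        listed = sum(1 for pp, port in PERIMETER if pp == p and lo <= port <= hi)
        if hi - lo + 1 > listed:
            unlisted.append((p, lo, hi))
    return {
        "missing": sorted(k for k, t in PERIMETER.items()
                          if t == "Mandatory" and not covered(*k)),
        "optional_enabled": sorted(k for k, t in PERIMETER.items()
                                   if t == "Optional" and covered(*k)),
        "internal_exposed": sorted(k for k in INTERNAL_ONLY if covered(*k)),
        "unlisted": sorted(unlisted),
    }

SAMPLE_EXPORT = """\
# constructed sample, not a real firewall export
allow tcp any SECURITYSERVER 443
allow tcp any SECURITYSERVER 80
allow tcp any SECURITYSERVER 4000-4200
allow tcp any SECURITYSERVER 8009
allow udp 10.0.0.0/8 SECURITYSERVER 4172
"""

if __name__ == "__main__":
    for finding, items in audit(SAMPLE_EXPORT).items():
        print(finding, items)
```

In the sample, the 4000-4200 range satisfies TCP 4172 but also exposes JMS (4001) and JMSIR (4100), and UDP 4172 is reported missing because its rule only admits an internal source range.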