How to open TCP/IP ports in RSA Identity Governance & Lifecycle
Originally Published: 2014-10-22
Article Number
Applies To
RSA Version/Condition: All
Issue
NOTE: Opening additional ports may represent a security threat.
Resolution
RedHat
Modify iptables:
- Log in to the server as the root user.
- Edit /etc/sysconfig/iptables
- Add the following line:
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --destination-port ***** -i eth0
Replace "*****" with the port number you want opened; that port will then be open (available) for access.
- Save and exit /etc/sysconfig/iptables
- Restart the firewall with the command:
service iptables restart
SuSe
Add the relevant ports in the Advanced mode of the Firewall Allowed Services Yast module or edit SuSEfirewall2.
Yast
- Log in to the server as the root user.
- Start Yast:
Yast > Security & Users > Firewall > Allowed Services > Advanced
Add your ports as space delimited/separated lists in the appropriate row (TCP, UDP and so on). Ranges are designated by a colon; e.g. ten VNC ports from 5905 to 5914 would be 5905:5914. You may use service names instead of numerical ports; e.g. http and 80 are the same.
- Exit Yast. The firewall will be automatically restarted.
SuSEfirewall2
- Log in to the server as the root user.
- Edit /etc/sysconfig/SuSEfirewall2
- Append the port number(s) to the following string. For example, to open ports 21, 22 and 1158:
FW_SERVICES_EXT_TCP="21 22 1158"
- Save and exit /etc/sysconfig/SuSEfirewall2
- Restart the firewall with the following commands:
For SuSE 11 SP3:
/etc/init.d/SuSEfirewall2_init restart
/etc/init.d/SuSEfirewall2_setup restart
For SuSE 12 SP2:
systemctl restart SuSEfirewall2 SuSEfirewall2_init
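The SuSEfirewall2 edit described above, scripted as an added example (not part of the original article and not RSA code): it validates a port or colon range before appending it to FW_SERVICES_EXT_TCP, skips entries that are already listed, and keeps a backup copy. The function names are hypothetical, the sample file is constructed, and only numeric ports are accepted (service names are not handled).

```shell
#!/bin/bash
# Added example (not vendor code): append a validated TCP port or LO:HI range
# to FW_SERVICES_EXT_TCP in a SuSEfirewall2-style file.

# valid_port_spec SPEC: succeeds for N or LO:HI, each 1..65535, LO <= HI.
valid_port_spec() {
    local spec="$1" lo hi
    case $spec in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;  # digits plus at most one inner colon
    esac
    lo=${spec%%:*}; hi=${spec##*:}
    case $lo in 0*) return 1 ;; esac            # no port 0, no leading zeros
    case $hi in 0*) return 1 ;; esac
    [ ${#lo} -le 5 ] && [ ${#hi} -le 5 ] || return 1   # bound length before comparing
    [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# add_ext_tcp_port FILE SPEC: returns 0 on success or if SPEC is already listed.
add_ext_tcp_port() {
    local file="$1" spec="$2" cur new
    valid_port_spec "$spec" || { echo "invalid port spec: $spec" >&2; return 2; }
    grep -q '^FW_SERVICES_EXT_TCP="' "$file" ||
        { echo "no FW_SERVICES_EXT_TCP line in $file" >&2; return 3; }
    cur=$(sed -n 's/^FW_SERVICES_EXT_TCP="\(.*\)"[[:space:]]*$/\1/p' "$file")
    case " $cur " in
        *" $spec "*) return 0 ;;                # exact token already present
    esac
    new="${cur:+$cur }$spec"
    cp -p "$file" "$file.bak" &&                # keep the previous version
    awk -v new="$new" '
        /^FW_SERVICES_EXT_TCP="/ { print "FW_SERVICES_EXT_TCP=\"" new "\""; next }
        { print }' "$file.bak" > "$file"
}

# Constructed sample standing in for /etc/sysconfig/SuSEfirewall2
demo=$(mktemp)
printf '%s\n' 'FW_SERVICES_EXT_TCP="21 22 1158"' 'FW_SERVICES_EXT_UDP=""' > "$demo"
add_ext_tcp_port "$demo" 5905:5914              # range in the colon form
add_ext_tcp_port "$demo" 22                     # duplicate: file left unchanged
add_ext_tcp_port "$demo" 70000 || echo "70000 rejected"
grep '^FW_SERVICES_EXT_TCP=' "$demo"
rm -f "$demo" "$demo.bak"
```

The duplicate check is an exact token match, so a single port that already falls inside a listed range is still appended. The firewall restart for your SuSE version is still needed after the file changes.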