Skip to Content
avatar image
Former Member

Maximo Mobile Work Manager 7.5.2 with Agentry server 6.0.42: ports to open in firewall

Good afternoon,

We are currently running Maximo Mobile Work Manager 7.5.2 on stand-alone Agentry server 6.0.42, with back-end Maximo 7.1.1.11.

A single Agentry server resides in the DMZ, and the client is a Samsung Galaxy tab 2 tablet with Work Manager 6.0.38.

We are using Websphere with LDAP authentication.

It's been working just fine for the past 1.5 years.

Yes, we will be planning an upgrade to the SMP 3 platform later this year.

Today, there is a rule in the firewall that allow any TCP connections from the Maximo Mobile server to the Maximo application server, no ports numbers are specified.

However, the network security team has asked us to narrow it down to the port numbers.

I have attached a copy of our network architecture.

We've been reading several articles from your web site, including:

In setting an IBM Maximo mobile application in Agentry, what ports are needed to connect to Maximo using Native Authenti…

Configure settings to connect Agentry Server to Maximo WebSphere 6.1 LDAP Server - SAP Mobility - SCN Wiki

And also an IBM article: http://www-01.ibm.com/support/docview.wss?uid=swg21262022

That being said, we have open the port that is defined in the javabe.ini as the bootstrap address, in our example, port 2809

We also have defined and open the 2 ports below defined in the System properties of Maximo.

mxe.registry.port= 13400

mxe.rmi.port= 14000

However, after opening those 3 ports in the firewall and launching the Agentryserver.exe, as soon as I tried to synchronize with the ATE, there is a 4th port that is needed, and apparently it is a dynamic one, every time you restart the Maximo application server, a different port number is assigned.

It seems to be a port that Maximo/Websphere uses to authenticate the user when it connects to the LDAP server, I have attached a log file that the network team was able to pull during the synchronization (logMMWM.txtr).

The port used was 46776 and was just used to authenticate the user, after that only 13400 and 14000 were used.

As you can see in the log attached, it refers to ldap.airliquide.com:389 which is our ldap host name and port number, that's why I'm saying this port 46776 is only used for authentication.

Do you have any ideas where that port can be defined and made static instead of dynamic, so that way we can add it to the firewall rule?

Thanks for your help and input,

Jerome Patrizi

Air Liquide

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Jun 25, 2015 at 03:23 PM

    Hello guys,

    I believe I figured it out last night, it was a setting in Websphere

    called ORB_LISTENER_ADDRESS.

    The port was set at 0, which means that at each restart, a port number

    was dynamically assigned.

    Now that we have set a static port, it's always using the same port

    number after a restart.

    I'm still in testing phase, hopefully I do not have any new surprises

    on additional dynamic port, but so far it looks good.

    So we had to open 4 ports in the firewall after we made them static

    eitheir in Websphere or in Maximo system properties:

    1) bootstrap address port (Websphere and set in javaBe.ini)

    2) ORB_LISTENER_ADDRESS (Websphere)

    3) mxe.registry.port (Maximo system properties)

    4) mxe.rmi.port (Maximo system properties)

    Jerome

    Add comment
    10|10000 characters needed characters exceeded