Skip to Content
Former Member
Jun 23, 2015 at 05:27 PM

Maximo Mobile Work Manager 7.5.2 with Agentry server 6.0.42: ports to open in firewall


Good afternoon,

We are currently running Maximo Mobile Work Manager 7.5.2 on stand-alone Agentry server 6.0.42, with back-end Maximo

A single Agentry server resides in the DMZ, and the client is a Samsung Galaxy tab 2 tablet with Work Manager 6.0.38.

We are using Websphere with LDAP authentication.

It's been working just fine for the past 1.5 years.

Yes, we will be planning an upgrade to the SMP 3 platform later this year.

Today, there is a rule in the firewall that allow any TCP connections from the Maximo Mobile server to the Maximo application server, no ports numbers are specified.

However, the network security team has asked us to narrow it down to the port numbers.

I have attached a copy of our network architecture.

We've been reading several articles from your web site, including:

In setting an IBM Maximo mobile application in Agentry, what ports are needed to connect to Maximo using Native Authenti…

Configure settings to connect Agentry Server to Maximo WebSphere 6.1 LDAP Server - SAP Mobility - SCN Wiki

And also an IBM article:

That being said, we have open the port that is defined in the javabe.ini as the bootstrap address, in our example, port 2809

We also have defined and open the 2 ports below defined in the System properties of Maximo.

mxe.registry.port= 13400

mxe.rmi.port= 14000

However, after opening those 3 ports in the firewall and launching the Agentryserver.exe, as soon as I tried to synchronize with the ATE, there is a 4th port that is needed, and apparently it is a dynamic one, every time you restart the Maximo application server, a different port number is assigned.

It seems to be a port that Maximo/Websphere uses to authenticate the user when it connects to the LDAP server, I have attached a log file that the network team was able to pull during the synchronization (logMMWM.txtr).

The port used was 46776 and was just used to authenticate the user, after that only 13400 and 14000 were used.

As you can see in the log attached, it refers to which is our ldap host name and port number, that's why I'm saying this port 46776 is only used for authentication.

Do you have any ideas where that port can be defined and made static instead of dynamic, so that way we can add it to the firewall rule?

Thanks for your help and input,

Jerome Patrizi

Air Liquide