Use a Static CORBA Listener Port on the CTM Server

Available Languages

Download Options

  • PDF     (41.7 KB)
    View with Adobe Reader on a variety of devices
Updated:November 29, 2005
Document ID:68184

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Introduction

This document describes how to implement the static CORBA listener port on Cisco Transport Manager (CTM) server. This procedure reduces the number of TCP ports that need to be open on the firewall that exists between the CTM server and Network Elements (NEs).

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • CTM

Components Used

The information in this document is based on these software and hardware versions:

  • CTM version 4.6.x and later

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Topology

Figure 1 depicts the topology. A firewall separates the CTM server from the NEs. All NEs are inside the firewall and the CTM server is outside the firewall.

Figure 1 – Topology

ctmsvr_staticports_01.gif

Static CORBA Listener Port

A firewall between the CTM server and NEs is a supported configuration. The CORBA Internet Inter-ORB Protocol (IIOP) listener port on the CTM server is dynamic by default. Any firewall that exists between the CTM server and NEs must open a number of TCP ports. The number of TCP ports must be in the range of 1024 through 65535.

In order to reduce security risks, Cisco recommends that you use a static CORBA listener port on the CTM server. A static port reduces the number of TCP ports that need to be open on the firewall. Complete these steps:

  1. Browse to the /opt/CiscoTransportManagerServer/bin directory.

  2. Use ctms-stop to stop CTM.

  3. Use Telnet to log into the CTM server as root.

  4. Change directory to /opt/CiscoTransportManagerServer/bin.

  5. Edit the jne454.sh file to insert this line before the -classpath line (see arrow A in Figure 2).

    -Dong.orb.iioplistenerport = port number \

    The recommended port number is 5555. If 5555 is chosen, type -Dong.orb.iioplistenerport=5555 \:

    Figure 2 – Partial List of jne454.sh

    ctmsvr_staticports_02.gif

  6. Open a range of TCP ports on the firewall beginning with TCP port 5555, if the CTM server is outside the firewall. The range is subject to the number of NEs, but allow at least 150.

  7. Browse to the /opt/CiscoTransportManagerServer/bin directory again.

  8. Use ctms-start to restart CTM in order to implement the changes.

Related Information

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products