The table below lists the ports and the protocols to remotely install the RHA Engine service on remote hosts through the Scenario Creation wizard or the remote installer.
The following ports must be open on firewalls between the RHA Control Service server and the CA RHA Engine servers:
- TCP Protocol requires ports 25000, 1025, 2666 & 2660
- UDP Protocol requires ports 135, 137, & 138
|Protocol/Port Name||Protocol Description and Purpose||Validation Method between Host systems (PSK, Cert, IP)||Encryption Used (if any)||Requested Between|
|TCP 25000||TCP/IP-based (app ISO level ) protocol for data replication and engines management.||Depending on scenario configuration RHA may send data and management commands in clear text or encrypt communication using Open SSL library. For example, the whole connection will be encapsulated into secure tunnel.||
If Open SSL is used then following ciphers may be used:
|Master and Replica Engine|
The GUI talks to CS (Management service) over HTTP or HTTPS.
During installation user may chose RHA CS to serve requests on HTTPS.
If user selected HTTPS on CS side, then RHA setup program provides the following choices:
|SSL||Control Service and Master (or Replica) Engine|
|UDP 135||Used by many programs and protocols. RHA specifically uses it for the remote installer. This is also used by the Microsoft EPMAP which is the DCE/RPC locator service used to remotely manage services such as DHCP servers.||See Windows documentation.||See Windows documentation.||
Not required unless installing remotely
|UDP 137||NetBIOS Name Service - Windows CIFS/SMB protocol family – used by RHA remote installer.||See Windows documentation.||See Windows documentation.|
|UDP 138||NetBIOS Datagram Service - Windows CIFS/SMB protocol family – used by RHA remote installer||See Windows documentation.||See Windows documentation.|