3 Replies Latest reply on Jun 23, 2015 6:32 PM by nicole pauls

    Agent Ports

    droidsteve

      Is it possible to change the ports the LEM and Agent use for communication? i.e. change 37890-37892 to a single static port? (DISA STIG)

        • Re: Agent Ports
          akak925

          I believe you cannot change the port to a single static port as it is the way how the agent design to be, in order to send the traffic from agent to LEM Appliance.

          Port.JPG

           

          For LEM Appliance, as you do not have root access to the appliance, hence by default beside the provided command, it is impossible to change anything on the appliance itself.

            • Re: Agent Ports
              curtisi

              Port 37890 is only used by Agents when they first run, to kick off the certificate exchange.  Then they move to 37892.  37891 is a back-up port, and provided in case you're running old Agent software.

            • Re: Agent Ports
              nicole pauls

              There is a way using configuration files on both ends to change this, if necessary, but those 37890-37892 ports outbound are actually static and you will still need at least 1 of them (as Curtis mentioned, you can close 37890 after initial connection, and it's unlikely you'll see 37891).

               

              The ports that will be used to connect to 37890-37892 are also fixed and in a configuration file, in case you need to change the initiating end.