ITMS Administrator Group

 View Only

  • 1.  Ports needed for Site Server to CEM gateway

    Posted Apr 21, 2016 11:31 AM

    Hi After looking at the follwing links, I am still not clear what port needs to be opened up between Site Server and CEM gateway and how to customize it. Please if someone can help. 

    CEM to SMP is very clear but for Site server there is no mention how the communication will occure. 

     

    http://www.symantec.com/connect/forums/ports-be-opened-site-server-cloud-enabled-management

    https://support.symantec.com/en_US/article.DOC6770.html

     



  • 2.  RE: Ports needed for Site Server to CEM gateway

    Posted Apr 21, 2016 11:52 AM
      |   view attached

    Should be 443.

     



  • 3.  RE: Ports needed for Site Server to CEM gateway

    Posted Apr 21, 2016 12:54 PM

    Assuming you haven't customized the defaults, TCP port 443 needs to be allowed from the gateway to each assigned site server.   If you're having problems getting site server communication to work, be sure you have defined the site servers in the Internet Gateway itself (the same way you define the NS) and assign those site servers to the appropriate "Internet Sites" within the console.   

    Specific steps can be found in the CEM whitepaper :

    https://support.symantec.com/en_US/article.DOC8125.html

     



  • 4.  RE: Ports needed for Site Server to CEM gateway

    Broadcom Employee
    Posted Apr 22, 2016 02:07 AM

    By default, on the Site Server, the CEM port is 443. It can be customized in the "Cloud-enabled Management Site Server Settings" policy located under Settings->Notification Server->Cloud-enabled Management.When you assign the port in this policy and assign Site Server to proper CEM site as JoeVan wrote above, this policy will come to your Site Server and create required binding in IIS automatically. This also happens when port value is changed in the policy: all Site Servers will receive the change and re-create the binding.

    On the Gateway: in order the whole chain to work (Client<->IG<->SiteServer) you also need to add the Site Server description into the gateway UI, as JoeVan mentioned. This description need to be updated manually when you change the port in "Cloud-enabled Management Site Server Settings" policy. When choosing the ports, be aware that on the Gateway, no other application should use those which you assign in the gateway, e.g. if IIS is installed on the gateway by some reason then they will be conflicting if using the same ports.

    Here is a couple of quite good articles describing how to configure and troubleshoot HTTPS and CEM, which could be worth reading:

    https://www-secure.symantec.com/connect/articles/how-install-cem-functionality-smp-75-sp1

    https://www-secure.symantec.com/connect/articles/about-different-cases-troubleshooting-cem-functionality

    UPD: Corrected above: 4726 is the default for 8.0. For pre 8.0 it is 443.