- Raritan Secure Gateway Administrator Guide

APPENDIX B: CC-SG AND NETWORK CONFIGURATION
The first mode is the primary means for users and administrators to connect to CC-SG. The
other two modes are less frequently used. These modes require the following networking
configuration:

| Communication Direction | Port Number | Protocol | Purpose | Configurable? |
|---|---|---|---|---|
| Client → CC-SG GUI | 443 | TCP | HTTPS Access | no |
| Client → CC-SG GUI | 80 | TCP | HTTP Access (redirect to HTTPS) | no |
| Client → CC-SG GUI | 8080 | TCP | Tomcat Access | no |
| Client → CC-CLI SSH | 22 | TCP | CC-SG CLI | yes |
| Client → CC Diagnostic Console | 23 | TCP | Status and Maintenance | yes |

PC Clients to Targets
Another significant role of CC-SG is to connect PC clients to various targets (or endpoints).
These targets can be serial or KVM console connections to Raritan devices (called Out-of-Band
connections). Another mode is to use In-Band access (IBA) methods, for example, Virtual
Network Computer (VNC), Windows Remote Desktop (RDP), or Secure Shell (SSH).
PC client to target communication also differs in how the connection is made:
- The PC client connects directly to the target (either via a Raritan device or In-Band access), which is called Direct Mode.
- The PC client connects to the target through CC-SG, which acts as an application firewall; this is called Proxy Mode.

| Communication Direction | Port Number | Protocol | Purpose | Configurable? |
|---|---|---|---|---|
| Client → CC-SG via Proxy → Target | 2400 (on CC-SG) | TCP | Proxy Mode | no |
| Client → Raritan Target (Direct Mode) | 5000 (on device) | TCP | Raritan Direct | yes |
| Client → Dominion SX (Direct Mode) | 51000 | TCP | Target Access | yes |

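
The following is an added example, not part of the original guide or Raritan code: it audits a firewall allow-list for traffic destined to CC-SG against the client-facing ports documented above. The "proto/port" rule format, the sample rules and the function names are assumptions made for illustration.

```python
# Added example (not Raritan code): compare an allow-list for traffic to CC-SG
# with the client-facing ports documented in the tables above.
# Ports 5000 and 51000 are omitted because they terminate on the devices.
DOCUMENTED = {
    # (port, protocol): (purpose, configurable)
    (443, "tcp"): ("HTTPS Access", False),
    (80, "tcp"): ("HTTP Access (redirect to HTTPS)", False),
    (8080, "tcp"): ("Tomcat Access", False),
    (22, "tcp"): ("CC-SG CLI", True),
    (23, "tcp"): ("Status and Maintenance", True),
    (2400, "tcp"): ("Proxy Mode", False),
}

# Constructed sample allow-list in a hypothetical "proto/port" format.
SAMPLE_RULES = """
tcp/443
tcp/80
TCP/2400
tcp/2222   # constructed: a port that is not in the documented table
tcp/3389   # constructed: another rule with no counterpart in the table
"""

def parse_rules(text):
    """Parse 'proto/port' lines into a set of (port, protocol) pairs."""
    rules = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        proto, port = line.split("/", 1)
        rules.add((int(port), proto.lower()))
    return rules

def audit(allowed):
    """Classify differences between the allow-list and the documented ports."""
    documented = set(DOCUMENTED)
    absent = documented - allowed
    return {
        # Allowed by the firewall but not listed in the guide.
        "unexpected": sorted(allowed - documented),
        # Listed with a fixed port but not allowed.
        "missing_fixed": sorted(k for k in absent if not DOCUMENTED[k][1]),
        # Listed as configurable: the service may have been moved, so verify.
        "verify_configurable": sorted(k for k in absent if DOCUMENTED[k][1]),
    }

if __name__ == "__main__":
    for finding, ports in audit(parse_rules(SAMPLE_RULES)).items():
        print(finding, ports)
```

Ports marked configurable are reported separately because a default port missing from the allow-list may simply mean the service was moved to another port.
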
CC-SG & Client for IPMI, iLO/RILOE, Etc.
Another significant role of CC-SG is to manage third-party devices, such as iLO/RILOE, Hewlett
Packard’s Integrated Lights Out/Remote Insight Lights Out servers. Targets of an iLO/RILOE
device are powered on/off and recycled directly. Intelligent Platform Management Interface
(IPMI) servers can also be controlled by CC-SG.

| Communication Direction | Port Number | Protocol | Purpose | Configurable? |
|---|---|---|---|---|
| CC-SG → IPMI | 623 | UDP | Device Discovery | yes |
| CC-SG → iLO/RILOE (uses HTTP ports) | 80 or 443 | UDP | Device Discovery | no |