User`s guide
Application or Service Port Description
OS Provisioning ServerRepository Server 21307 Local port connecting to the OS
Provisioning Server web service
listening for provisioning requests
from VCM.
Table 6–2. VCM Ports
Provisioning Network Firewall Configuration
As an alternative to setting the specific ports, as specified above, you can add -A RH-Firewall-1-INPUT
-i eth1 -j ACCEPT to the /etc/sysconfig/iptables firewall configuration file to allow traffic on
all ports on the provisioning network.
Configure the OS Provisioning Server Firewall
Configure the firewall on your OS Provisioning Server to allow proper communication on the required
ports.
Prerequisites
Ensure that you do not accidentally lose your iptables changes. In the iptables-config file, determine if
IPTABLES_SAVE_ON_STOP or IPTABLES_SAVE_ON_RESTART are set to yes.
Procedure
1. On the OS Provisioning Server, log in as root.
2. Change directory to /etc/sysconfig.
3. In the /etc/sysconfig directory , open the iptables file.
4. Add -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 40607 -j
ACCEPT to the file to allow communication on port 40607:
For example (Note highlighted example below):
# Generated by iptables-save v1.3.5 on Fri Dec 3 14:51:10 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [468:43292]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
vCenter Configuration Manager Hardware and Software Requirements Guide
50
VMware, Inc.