cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

PBX Port Question

Go to solution
Chuck_Stevens
Level 6

‎02-16-2009 09:14 AM

Was talking to a Symantec (Veritas) support guy the other day, and the topic of firewall ports came up. I mentioned that we're only allowing TCP 13724 (vnetd) and 1556 (pbx) through our firewalls, and he mentioned that I need TCP 1557 also.  I've never heard of this one before; the only reference I can find mentions it as a "secondary" PBX port.  This port isn't listed in the Security and Encryption Guide, and my system runs fine without it.  Anyone come across this before?

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
CRZ
Level 6
Employee Accredited Certified

‎02-18-2009 10:00 AM

From what I gather, we USED to use 1557 for "inside" connections (that is, localhost to localhost) but we don't now...probably because the IANA says it isn't ours!

 

Now, we pick an anonymous port for those communications.  Here's an excerpt from the output of a `netstat` from my test box running 6.5.3:

 

localhost.1557             *.*                0      0 49152      0 LISTEN
localhost.32787            *.*                0      0 49152      0 LISTEN
localhost.32791      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32791      49152      0 49301      0 ESTABLISHED
localhost.32793      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32793      49152      0 49301      0 ESTABLISHED
localhost.32795      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32795      49152      0 49152      0 ESTABLISHED

 

As you can see, I still have an open on 1557 - if it's available, we'll grab it...it's considered "legacy" behaviour.  If 1557 isn't available, no harm, no foul.  It doesn't matter because all the "inside" connections are taking place on 32787 in this example.

 

[ How do I KNOW these are PBX?  Well....I cheated and used `lsof` before I ran my netstat so I knew what to cut-n-paste here.  ;) ]

 

1556 should be the only one you have to worry about as far as outside connections coming in, whether PBX grabs 1557 or not.

 

I couldn't find this documented anywhere, unfortunately.

 

View solution in original post

0 Kudos
6 REPLIES 6

Go to solution
Stumpr2
Level 6

‎02-16-2009 09:33 AM

I am not familiar with that port and it is NOT in the document.

 

VERITAS NetBackup (tm) 6.0 Port Usage Guide for Windows and UNIX Platforms

http://support.veritas.com/docs/281623

 

0 Kudos

Go to solution
Nicolai
Moderator
Moderator
Partner    VIP   

‎02-17-2009 04:32 AM

Nor does port 1557 belong to Symantec, IANA well known port numbers show:

 

arbortext-lm    1557/tcp    ArborText License Manager

 

 

 

Regards

Nicolai

0 Kudos

Go to solution
Karthikeyan_Sun
Level 6

‎02-17-2009 11:51 PM

Did u get any updates from Symantec Guy for wat that 1557 Port ??
0 Kudos

Go to solution
Chuck_Stevens
Level 6

‎02-18-2009 08:25 AM

No; the issue we were discussing was resolved, and I haven't had a chance to get back to him.  I'll shoot him an email and see what he says.
0 Kudos

Go to solution
CRZ
Level 6
Employee Accredited Certified

‎02-18-2009 10:00 AM

From what I gather, we USED to use 1557 for "inside" connections (that is, localhost to localhost) but we don't now...probably because the IANA says it isn't ours!

 

Now, we pick an anonymous port for those communications.  Here's an excerpt from the output of a `netstat` from my test box running 6.5.3:

 

localhost.1557             *.*                0      0 49152      0 LISTEN
localhost.32787            *.*                0      0 49152      0 LISTEN
localhost.32791      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32791      49152      0 49301      0 ESTABLISHED
localhost.32793      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32793      49152      0 49301      0 ESTABLISHED
localhost.32795      localhost.32787      49152      0 49152      0 ESTABLISHED
localhost.32787      localhost.32795      49152      0 49152      0 ESTABLISHED

 

As you can see, I still have an open on 1557 - if it's available, we'll grab it...it's considered "legacy" behaviour.  If 1557 isn't available, no harm, no foul.  It doesn't matter because all the "inside" connections are taking place on 32787 in this example.

 

[ How do I KNOW these are PBX?  Well....I cheated and used `lsof` before I ran my netstat so I knew what to cut-n-paste here.  ;) ]

 

1556 should be the only one you have to worry about as far as outside connections coming in, whether PBX grabs 1557 or not.

 

I couldn't find this documented anywhere, unfortunately.

 

0 Kudos

Go to solution
Chuck_Stevens
Level 6

‎02-18-2009 10:03 AM

Thanks!
0 Kudos