Protocols and Ports used by TRC

Technote (FAQ)


Question

Which ports are used and/or can configured for Tivoli Remote Control?

Answer

Protocols and Ports used by Tivoli Remote Control

Components

Component
Managed Mode
P2P Mode
Description
Server Yes No Management (users, targets, groups and policies) and end-user portal
Controller Yes Yes Client to take control of a remote system
Target Yes Yes Agent installed on the system to be remotely controlled
CLI Yes No Command-line interface to launch remote control session and execute remote commands
Gateway Yes No Provides support for NAT and Firewall traversal on the Intranet
Broker Yes No Provides support for remote control of out-of-sight target endpoints on the Internet
Player Yes Yes To playback session recordings

Protocols

HTTP(S)

All components in TRC use HTTP(S) when connecting to the TRC server. The TRC server runs on top of IBM WebSphere Application Server (WAS or eWAS).

Connect from
Connect To
Description
Controller Server Upload audit events, upload session recording, ...
Target Server Register, heartbeat, authorize session, download policies, upload audit events, upload session recording, update trust store
Target Gateway Connect to server via gateway tunnels
Broker Server Authenticate endpoints, update trust store
Broker Gateway Connect to server via gateway tunnels
Player Server Download recordings for playback
FORTHv2

FORTHv2 is TRC's native protocol for remote control sessions. It is used for the following types of connections:

Connect from
Connect To
Description
Controller Target Remote control session
Controller Controller Joint collaboration session
CLI Target Launch remote control session on remote system
Controller Gateway Locate and connect to endpoint via the gateway system
Gateway Controller Locate master controller for collaboration
Gateway Target Locate endpoints
Gateway Gateway Gateway control connections
FORTHv2 over TLS

For connections to the broker over the Internet, FORTHv2 is used on top of the industry standard Transport Security Layer protocol (TLS), the successor to Secure Sockets Layer (SSL).

Connect from
Connect To
Description
Controller Broker Initiate session via broker
Target Broker Accept session via broker
Broker Broker Broker control connections

Default Ports

Component
Protocol
Default Port
Can be disabled
Can be configured
Comments
Server (with embedded WebSphere) HTTP 80 Yes Yes Can be overridden in trc_server_setup
Server (with embedded WebSphere) HTTPS 443 Yes Yes Can be overridden in trc_server_setup
Server (with full WebSphere) HTTP 9080 Yes Yes Configured in WebSphere Administrative Console
Server (with full WebSphere) HTTPS 9443 Yes Yes Configured in WebSphere Administrative Console
Controller FORTHv2 8787-8781 Yes Only for P2P Used for collaboration, which can be disabled via policy
Target FORTHv2 888 No Yes
The gateway and broker do not have default ports. All ports need to be chosen by the Administrator and configured in the configuration file.

FORTHv2 Encryption

FORTHv2 connections are always encrypted. Originally, IBM's MARS cipher was used to encrypt FORTHv2 traffic but support for AES was added in version 5.1.2. From version 8.2.0 onwards, AES is used by default and MARS is only supported when connecting to a system that hasn't been upgraded yet.

5.1.0
5.1.2
8.2.0
8.2.1
Default Cipher MARS MARS AES AES
FIPS Cipher N/A AES AES AES
Backwards Compatibility Ciphers N/A N/A MARS MARS
Broker Connections N/A N/A N/A TLS

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Tivoli Remote Control

Software version:

5.1.2

Operating system(s):

Platform Independent

Reference #:

1607975

Modified date:

2014-08-12

Translate my page

Machine Translation

Content navigation