Cisco Cisco Prime Central 1.5.2 Installation Guide
The system administrator should...
Used by...
Protocol
Exposure
Port No.
Prime Central Integration Layer
Allow a dynamic range from 1099 to the number
of integration layer registrations; for example,
1103. Set aside a range of 10 ports.
of integration layer registrations; for example,
1103. Set aside a range of 10 ports.
Karaf JMX RMI registry (Prime
Central integration layer
management)
Central integration layer
management)
TCP
Private
1099–1103
Allow a dynamic range from 8101 to the number
of integration layer registrations; for example
8105. Set aside a range of 10 ports.
of integration layer registrations; for example
8105. Set aside a range of 10 ports.
Karaf SSH shell
TCP
Private
(localhost)
(localhost)
8101–8105
Only allow access to this port from localhost,
unless alarm management NBI access is required.
If so, enable access from the alarm management
client machines and apply a rate-limiting policy.
unless alarm management NBI access is required.
If so, enable access from the alarm management
client machines and apply a rate-limiting policy.
Alarm management northbound
interface (NBI)
interface (NBI)
TCP
Private/Public
9020
Only allow access to this port from localhost,
unless MTOSI NBI access is required. If so,
enable access from the MTOSI client machines
and apply a rate-limiting policy.
unless MTOSI NBI access is required. If so,
enable access from the MTOSI client machines
and apply a rate-limiting policy.
Multi-Technology Operations
System Interface (MTOSI)
WS-SOAP NBI
System Interface (MTOSI)
WS-SOAP NBI
TCP
Private/Public
9110
Only allow access to this port from localhost,
unless 3GPP NBI access is required. If so, enable
access from the 3GPP client machines and apply
a rate-limiting policy.
unless 3GPP NBI access is required. If so, enable
access from the 3GPP client machines and apply
a rate-limiting policy.
3GPP NBI
TCP
Private/Public
9220
Only allow access to this port from localhost,
unless Prime Central uses a dual-server
(distributed) installation. If so, enable access from
the Prime Central portal and apply a rate-limiting
policy.
unless Prime Central uses a dual-server
(distributed) installation. If so, enable access from
the Prime Central portal and apply a rate-limiting
policy.
Ephemeral ports
TCP
Private/Public
32768–
61000
61000
Allow a dynamic range from 44444 to the number
of integration layer registrations; for example
44448. Set aside a range of 10 ports.
of integration layer registrations; for example
44448. Set aside a range of 10 ports.
Karaf JMX RMI server (Prime
Central integration layer
management)
Central integration layer
management)
TCP
Private
44444–
44448
44448
Only allow access to this port from localhost,
unless Prime Central uses a dual-server
(distributed) installation with JMS NIO Failover
transport. If so, enable access from the Prime
Central portal and apply a rate-limiting policy.
unless Prime Central uses a dual-server
(distributed) installation with JMS NIO Failover
transport. If so, enable access from the Prime
Central portal and apply a rate-limiting policy.
JMS NIO Failover transport
TCP
Private/Public
61614
Only allow access to this port from localhost,
unless Prime Central uses a dual-server
(distributed) installation with JMS SSL transport.
If so, enable access from the Prime Central portal
and apply a rate-limiting policy.
unless Prime Central uses a dual-server
(distributed) installation with JMS SSL transport.
If so, enable access from the Prime Central portal
and apply a rate-limiting policy.
Java Message Service (JMS) Secure
Sockets Layer (SSL) transport
Sockets Layer (SSL) transport
TCP
Private/Public
61615
9