Firewalls

If the Prognosis software is being installed on a network that is configured to prevent connections between machines by the use of firewalls, then this may also prevent Prognosis from making connections between servers.

In situations where only the MS Windows firewall is being used, the installer will automatically make the necessary settings. In other cases, the firewall settings will need to be made manually. The following section provides details.

Windows Firewall with Advanced Security (Windows Server 2008 R2-SP1 or later)

If there are any firewall rules that block port 22 or port 443 the installer will disable them and add a new firewall rule that will allow these ports access.

Windows Firewall Active

When the Windows Firewall service is running, then the installation will automatically make the following changes:

For Management/Monitoring Server installation, the following five firewall rules will be added in order to allow network connectivity and CDR delivery:

Prognosis - Server Connectivity (%PROGNOSIS_INSTALL%\Server\x64\irnetrtr.exe)

Prognosis - Avaya PBX CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_PBX.exe)

Prognosis - Avaya Legacy CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_Legacy.exe)

Prognosis - Avaya Definity CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_DEFINITY.exe)

Prognosis - Avaya RTCP CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irrtcpcol.exe)

In addition, if a Management/Monitoring Server is selected and a Collaborate license is used (with TMA, SBM, or TCE product codes), one firewall rule will be added to allow CDR delivery:

Prognosis - CDR Delivery (Port 22 with TCP protocol)

If the Web Application is selected, one firewall rule will be added to allow the Web Application access:

Prognosis - Secure Web Site (Port 443 with TCP protocol)

If port 443 is not available the installer will check the availability of port 8080, if this is not available it will continue to search incrementing the port number by 1 each time (i.e. 8081, 8082 etc) until an available port is found.

Windows Firewall Inactive

If the Windows Firewall service is not running, then no changes will be made by the installation.

Other MS Windows Firewall Applications

The firewall will need to be manually configured to provide access for the following application:

Server Connectivity (%PROGNOSIS_INSTALL%\Server\x64\irnetrtr.exe)

In addition, for Collaborate:

Avaya PBX CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_PBX.exe)

Avaya Legacy CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_Legacy.exe)

Avaya Definity CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irAVAYA_DEFINITY.exe)

Avaya RTCP CDR Delivery (%PROGNOSIS_INSTALL%\Server\x64\irrtcpcol.exe)

CDR Delivery (Port 22 with TCP protocol)

UNIX

The firewall will need to be manually configured to provide access for the following application:

Prognosis - Server Connectivity (irnetrtr.exe)

HPE NonStop

The base port 1960 plus any necessary vendor specific ports will need to be opened manually across the Firewall. Please refer to the Port Requirements for details of the required ports.

In order to establish network connections, the port number will need to be opened on the Firewall in the direction of the connection. The Prognosis Servers make one TCP/IP connection between them, and that connection is used for all traffic between the servers.

Uninstallation

Uninstallation of the product will revert all firewall settings that have been made, except overriding Don't allow exceptions on Windows with old Windows Firewall.

Remove added rules/exceptions

Enable disabled rules

Not reverting Don't allow exceptions

Provide feedback on this article