Firewall Wizards mailing list archives
Re: AS400 ports
From: Kim E Pihl <kim () alcom aland fi>
Date: Mon, 27 Dec 1999 04:37:53 +0200
It's true that there are IBM specific ports used but is'nt it CA/400 you are talking about , I belive the pure AS7400 product was named that and together with Personal Comunicator who also have interfaces to MF and 3270 support. To answer Josheps question there are the standard ports as the RFCs describes them , with an exemption in FTP where IBM tries to make an own stadard by truncating spaces. To the CA/400 ports who are,directly quoted from IBMs redbook SG24-5191-00 Client Access express for Windoze: there can be a fuzz for your mailreader but the book is online and it's free to download ! For MQ-series and Loutus notes there are a handful ports as well but I've never needed to have the installed yet so I belive it's just to investigate the manuals to find out the ports. With regards and greetings from Finland Kim
The ports listed in the following table are the NetBIOS over TCP/IP ports used by AS/400 NetServer. Table 3. NetBIOS Ports Used by AS/400 NetServer Note that AS/400 NetServer does not support SSL. Server names and jobs associated with the TCP/IP ports that are used by Client Access Express for Windows are listed in Table 4 on page 67. When a user enters the NETSTAT *CNN command from a green screen interface to see the active TCP/IP communication ports, by default the server name is listed, not the active port number, as shown in Figure 76. To display the port numbers, press F14 (shift F2). Figure 76. NETSTAT *CNN Command Showing Active Client Access Server Names Network Print (E) 8474 9474 Remote Command (E) 8475 9475 Signon Verification (E) 8476 9476 Ultimedia Services (E) 8480 9480 Note: Client Access ports use TCP and those marked with an "*" symbol also use UDP. Function Port Protocol netbios 137 TCP netbios 137 UDP netbios 138 UDP netbios 139 TCP Function Port Non-SSL Port SSL Work with TCP/IP Connection Status System: AS400 Local internet address . . . . . . . . . . . : *ALL Type options, press Enter. 4=End 5=Display details Remote Remote Local Opt Address Port Port Idle Time State * * as-dtaq 002:22:38 Listen * * as-file 000:05:10 Listen * * as-netprt 000:36:26 Listen * * as-rmtcmd 000:21:34 Listen * * as-signon 000:00:09 Listen * * as-netd > 039:04:35 Listen * * as-tran > 039:04:17 Listen * * as-vrtp > 039:04:18 Listen * * as-usf 004:44:04 Listen 9.5.62.27 1026 telnet 000:05:38 Established 9.5.62.27 1092 as-rmtcmd 000:49:11 Established More... F5=Refresh F11=Display byte counts F13=Sort by column F14=Display port numbers F22=Display entire field F24=More keys Table 4 lists the server names used by Client Access Express for Windows and the function associated with each. This table lists the Client Access Host Servers, along with others, such as Telnet, that Client Access Express for Windows uses for some of its functionality on a V4R4 AS/400 system. Table 4. Functions of Client Access Express and Their Jobs For a function listed on this table to work with Client Access Express for Windows, the server name associated with it must be listed in the Work with TCP/IP Connection Status screen in a Listen status. For a server to be in an active listening status there must be a daemon job running for it. Actually, the daemon job is the server. Some server daemon jobs are responsible for the entire function, but most of them route the communications to the application job. These are often prestart jobs. Table 4 also lists the daemon job and prestart job, if there is one, for the function. This is discussed in much greater detail in the book Client Access Express Host Servers - Version 4, SC41-5740. Function Server Name(SSL) Subsystem/Prestart Job Subsystem/Daemon Job Server Mapper as-svrmap --None-- QSYSWRK/QZSOSMAPD License Management as-central(-s) QUSRWRK/QZSCSRVS QSYSWRK/QZSCSRVSD Database Access as-database(-s) QSERVER/QZDASOINIT QSERVER/QZDASSINIT(SSL) QSERVER/QZDASRVSD Data Queues as-dtaq(-s) QUSRWRK/QZHQSSRV QSYSWRK/QZHQSRVD Network Print as-netprt(-s) QUSRWRK/QNPSERVS QSYSWRK/QNPSERVSD Remote Command as-rmtcmd(-s) QUSRWRK/QZRCSRVS QSYSWRK/QZRCSRVSD Signon Verification as-signon(-s) QUSRWRK/QZSOSIGN QSYSWRK/QZSOSGND PC5250 Emulation telnet(-ssl) --None-- QSYSWRK/QTVTELNET Ultimedia Services as-usf(-s) QSYSWRK/QUMBPJTC QSYSWRK/QUMBDMN Management Central as-mgtctrl(-s) --None-- QSYSWRK/QYPSSRV HTTP Administration as-admin-http(-s) --None-- QHTTPSVR/ADMIN Some of the Client Access Host Server prestart jobs are listed as running in subsystem QUSRWRK. This is a new subsystem for V4R4 of OS/400. In previous releases, these prestart jobs ran in the subsystem QSYSWRK. Note
"daN." wrote:
Joseph, That kind of depends on what applications you want to let through, If your AS/400 is running a newer version of DB400 it will have an IP stack, in which case you are probably talking about either a telnet connection or an HTTP session for database queryies/data entry/terminal sessions etc.. If you are running an older version of DB400 then you are probably running your terminal sessions over an SNA server (such as microsoft SNA server) in which case I'm not sure what ports it uses sorry.. At 08:18 AM 12/21/99 -0800, Joseph McKinney wrote:I need to let my AS400 go through the firewall. Anyone know what ports ( tcp & udp ) that the as400 uses? Joe McKinney System Engineer Network Computing Architects (W) 408-342-9900 x15Dan Steele Network Administrator WestNet Management Corp.
Current thread:
- AS400 ports Joseph McKinney (Dec 22)
- Re: AS400 ports daN. (Dec 24)
- Re: AS400 ports Kim E Pihl (Dec 27)
- <Possible follow-ups>
- RE: AS400 ports bparis (Dec 28)
- Re: AS400 ports daN. (Dec 24)