CMM - preparing site firewalls and proxies for call-home feature

You must configure your firewalls and proxy server to enable operation of the CMM call-home feature, if you have firewalls in your network.

The CMM must be able to access remote systems over the Internet to deliver call-home information. To enable this access, you must configure the firewalls and proxies in your network to allow access by the CMM.

Complete the following steps to configure the firewalls and proxies in your network:

Identify the CMM ports that you will use for your systems-management configuration (see Table 1) and make sure that these ports are open.
- In the CMM web interface, select the Port Assignments tab from the Mgt Module Management > Network page. Ensure that the ports you plan to use for your systems-management configuration are open. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the ports command (see ports command for information about command use).

Make sure that a connection exists to the Internet address in Table 1 that is required by the CMM call-home feature.

Note:

IP addresses can change, so use the DNS name when possible.
If your CMM is configured for secure operation, the FTP port (port 21) will be disabled.

Table 1. Required connections for the CMM call-home feature
DNS name	IP address	Port(s)	Protocol(s)
www-945.ibm.com	IPv4: 129.42.26.224 129.42.42.224 129.42.50.224 IPv6: 2620:0:6C0:1::1000 2620:0:6C2:1::1000 2620:0:6C4:1::1000	443 (HTTPS) 80 (default listener port) 21 (FTP) 22 (SFTP)	https, ftps
The following connections might not be required in all cases:
eccgw01.boulder.ibm.com	207.25.252.197	443	https
eccgw02.rochester.ibm.com	129.42.160.51	443	https
www6.software.ibm.com	170.225.15.41	443	https
www.ibm.com	129.42.56.216, 129.42.58.216, 129.42.60.216	443 80 (optional)	https, http
www-03.ibm.com	204.146.30.17	443 80 (optional)	https, http

If the CMM does not have direct Internet access with your network configuration, make sure that the selected proxy server is configured to use basic authentication.

Make sure that the following items in the CMM are configured to support call-home communication using your network:

Enable DNS in the CMM and configure it to match the DNS settings for your network.
- In the CMM web interface, select the DNS tab from the Mgt Module Management > Network page, and check the Enable DNS checkbox. Ensure that the DNS settings match the DNS settings for your network. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the dns command (see dns command for information about command use).
If required for your network, enable the CMM service advisor HTTP proxy and configure it to match the proxy settings for your network.
- In the CMM web interface, select the IBM Support tab from the Service and Support > Settings page. In the Outbound Connectivity section, check the Use proxy checkbox, then click Apply. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the chconfig command (see chconfig command for information about command use).
Configure CMM service advisor contact information.
- In the CMM web interface, select the IBM Support tab from the Service and Support > Settings page. Enter the service advisor contact information in the Contact Information section, then click Apply. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the chconfig command (see chconfig command for information about command use).
Accept all CMM service advisor terms and conditions and enable the CMM service advisor.
- In the CMM web interface, select the IBM Support tab from the Service and Support > Settings page. Check the Enable IBM Support checkbox, then click Apply. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the chconfig command (see chconfig command for information about command use).

Preparing site firewalls and proxies for the CMM call-home feature