Resolution
Goal: What are TCP and UDP ports used by NetIQ application on the AS400?
Goal: What ports are used by the iSeries agent?
Goal: What ports are used by the iSeries agent for Log Manager?
Goal: What ports are used by the iSeries agent for Secure Configuration Manager?
Fact: NetIQ Security Solutions for iSeries 8.0
Fact: Agent for Security Manager Log Manager (SM/LM)
Fact: Agent for Secure Configuration Manager (SCM)
Fix:
The Agent Listening Port is 1622.
The Core Listening Port is 1626. The agent sends results to requester on this port using SSL, or port 1621 if not using SSL.
By default (as shipped), when subsystem ZPSE is active, the iSeries agent listens for requests on port 1622 (Agent Listening Port) and sends results on either 1621 (default Core Listening Port) or 1626 (SSL Core Listening Port).
The iSeries service table (WRKSRVTBLE) actually controls the ports used, provided TCP has been cycled after the changes were made.
You can verify the port status of a service using the PC command CWBPING which is installed with iSeries Client Access. For example, the following command will determine if the NetIQ agent is running on iSeries server AS400P01:
cwbping AS400P01 /port:1622
If the agent is running, you will receive the message "Successfully connected to server application: #1622".