OVPA Interprocess Communication


OVPM Interprocess Communication


NAT Firewall Support Between OVPM and OVPA

NOTE: The product names used in this section are OVPA and OVPM, even though the names were different for earlier versions, as shown in the reference table.

Starting with OVPM C.03.00.00, the products support retrieving of data from any OVPA version C.00.xx or later through a firewall which uses NAT translated IP addresses.

The translated IP addresses defined in the firewall must be static NAT addresses. There is no product configuration necessary to support communication through a NAT firewall beyond the configuration needed to support communication through a firewall that does not use the NAT feature. The domain name servers on the systems must return the NAT translated IP addresses for the systems with translated addresses, not the real IP addresses.

 

OVPM C.03.00.00 can get data from any version C.00.xx or later of OVPA through a NAT firewall. OVPM C.03.00.00 or later can send alarms through a NAT firewall to OVPM C.03.00.00 or later.


Product and Firewall Configuration

The steps to configure OVPA, OVPM, and the firewall are described below:

1. Determine a suitable range of ports for the products to use. It is important that you select a range large enough to avoid running out of port resources at runtime. Determining a suitable range will depend greatly on the services that you expect to use.


For more information on how to determine the suitable range of ports for specific OVPM versions to get data from specific OVPA versions refer to:

OVPA versions C.03.00.00 or later --> OVPM versions C.03.00.00 or later
OVPA versions C.03.00.00 or later --> OVPM versions C.00.xx through C.02.xx

2. Configure OVPM and OVPA on UNIX to utilize the specified port range.

3. Configure your firewall to allow communication through the specified port range and protocols. The configuration of the port numbers depends on the versions of the products.

 

next