Share this page
Windows firewall settings
This topic describes Windows firewall settings.
Overview
If Windows Firewall is enabled on the machine on which OpenText Service Virtualization is installed, requests from remote services to OpenText Service Virtualization are blocked. To enable the required TCP/HTTP communication, OpenText Service Virtualization adds a set of exceptions to the Firewall. This set of inbound rules is maintained automatically by OpenText Service Virtualization, and does not generally require any manual configuration.
To change the automatic configuration settings, see Windows firewall and TCP port configuration.
For TCP listeners, a firewall exception is created for the OpenText Service Virtualization Server and Designer executable files.
For HTTP listeners, OpenText Service Virtualization uses the .NET HttpListener component to listen for HTTP/HTTPS requests. OpenText Service Virtualization cannot define an exception for the HttpListener executable itself, because HttpListener runs in a separate kernel process and is shared by all applications running on the machine. Instead, a firewall exception is created for all ports where the HttpListener component is used by the OpenText Service Virtualization Designer or Server to listen for HTTP/HTTPS requests.
The OpenText Service Virtualization components use the listeners as follows:
TCP Listener:
- SSL component of the HTTP Proxy agent
-
IMS agent
-
CICS TG
The OpenText Service Virtualization installer creates a firewall exception for the OpenText Service Virtualization Server and Designer executables.
.NET HttpListener
- HTTP Gateway agent
- HTTP port of the HTTP Proxy agent
- JDBC agent
- OpenText Service Virtualization Management API endpoint in unsecured mode
- HTTPS Gateway agent
- OpenText Service Virtualization Management API endpoint in secured mode
OpenText Service Virtualization creates firewall exceptions for the specific ports that the agents use, makes the relevant URL reservations, and registers an SSL certificate for each port listening for HTTPS requests.
Note: All firewall rules that OpenText Service Virtualization creates are removed if the product is uninstalled.
Default Windows firewall settings
The default inbound rules that OpenText Service Virtualization creates during installation of the Designer or when the Server is run for the first time are as follows:
- Rules with specified ports are used by the System HTTP Listener server, and not directly by OpenText Service Virtualization. The ports are open for any program running on the machine.
- Rules that are assigned directly to the OpenText Service Virtualization applications enable the OpenText Service Virtualization agents to access TCP ports directly.
| Name | Program | Port |
|---|---|---|
| OpenText Service Virtualization Designer | VirtualServiceDesigner | Any |
| OpenText Service Virtualization Designer (HTTP Gateway) | Any | 7200 |
| OpenText Service Virtualization Designer (HTTP Proxy) | Any | 7201 |
| OpenText Service Virtualization Designer (HTTPS Gateway) | Any | 7205 |
| OpenText Service Virtualization Designer (Java SE 6/7 JDBC) | Any | 7288 |
| OpenText Service Virtualization Designer (RestManagementService) |
Any | 7280 |
| OpenText Service Virtualization Server | HP.SV.StandaloneServer | Any |
| OpenText Service Virtualization Server (HTTP Gateway) | Any | 6070 |
| OpenText Service Virtualization Server (HTTP Proxy) | Any | 6071 |
| OpenText Service Virtualization Server (HTTPS Gateway) | Any | 6075 |
| OpenText Service Virtualization Server (Java SE 6/7 JDBC) | Any | 6088 |
|
OpenText Service Virtualization Server (RestManagementService) |
Any |
6080 (secured) or 6085 (secured) |
| Service Virtualization Management (HTTP Server) | Any | 6086 |
Checking Windows firewall settings
To review the current Windows firewall settings for OpenText Service Virtualization:
- In Windows Control Panel, open Windows Firewall.
- Select Advanced Settings to open Windows Firewall with Advanced Security.
-
Select Inbound Rules, and sort by group.
The rules defined for OpenText Service Virtualization start with OpenText Service Virtualization Designer or OpenText Service Virtualization Server.
All rules are created by OpenText Service Virtualization for the Windows Firewall Private profile, using TCP protocol, and are enabled by default.
