ActiveBatch Firewall Settings
ActiveBatch supports the use of firewalls between the Client and Job Scheduler components as well as between the Job Scheduler and Execution Agent services
Client to Job Scheduler
The default port number for the Job Scheduler is 3656. To change this port you will need to use a Registry Editor and change HKLM\Software\ASCI\ActiveBatch\V140\JobSched\Services\RPC and add a value name of ServicePort as a DWORD with a value of the new port number that you would like to establish.
Note: The key beginning with Services probably won’t exist and you will need to create both Services and RPC as well as the value name ServicePort).
To connect a client to a non-standard Job Scheduler port number will also require that you specify the hostname:port syntax (for example, localhost:2000 if the new port is 2000).
Note: If the Client is on one side of a firewall and the Job Scheduler is on another firewall. You will need to open 3656 for outgoing TCP access on the Client firewall. On the Job Scheduler firewall, 3656 would need to be open for incoming TCP access.
For WMI access a Knowledge Base article on both the ASCI and Microsoft websites addresses the complexities of allowing WMI access through a firewall. To summarize, WMI events are initiated through port 135 and DCOM assigns a port at random from 1024 to 65535 (a Microsoft KB indicates how you can narrow that range).
Job Scheduler and Execution Agent
The default port number for the Execution Agent is 3655. If you want to change that value you must change the Job Scheduler’s ExecPort parameter as well as the Execution Agent’s Port parameter so they contain the same value. Alternatively, you can change only a specific Execution Agent’s port number and then use hostname:port syntax when you specify the Machine property for the Execution Queue. This later approach is best when the standard port number is fine for most of your machines and you need to use the exception port number for firewall use.
Note: If the Job Scheduler is on one side of a firewall and the Execution Agent is on another firewall. You will need to open 3655 for outgoing TCP access on the Job Scheduler firewall. On the Execution Agent firewall, 3655 would need to be open for incoming TCP access. ActiveBatch does not create or require another port for inbound access to the Job Scheduler using this port number.