We need to create inbound rules in firewall for external applications connecting to CA components like IDM, SiteMinder and Advance Authentication. I need to know what will be the source port on which the external applications connect with these CA components, that we should provide in firewall rule. Is the source port random?
Usually, in the Client - Server model, the client uses a random port and the server uses a determined one.
So on SiteMinder, the clients:
- browser
- agent (including embedded agent of components like AdminUI)
use a random client port.
About SiteMinder Services ports:
Basically, with no specific additional option, these will be needed:
- Policy Server: 44441, 44442, 44443, 44447, 44448, 44449, 44450
- CA Access Gateway (SPS): 80, 443, 8080, 543, 8005, 8009
- Web Agent and Web Server: 80, 443
- AdminUI: 8080, 8443
Firewall settings https://docops.ca.com/ca-single-sign-on/12-8/en/installing/install-a-policy-server/install-policy-server-on-windows
Configure OneView Monitor Port Numbers https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/configure-oneview-monitor-port-numbers
CA Access Gateway Configuration https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/ca-access-gateway-configuration
Policy Server Configuration https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/policy-server-configuration
Hope this helps,
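Added example, not part of the original answer or of CA's documentation: a small generator that turns the port table above into inbound allow rules matching only the destination port, plus a check that flags any rule pinning a source port. The nftables output format, the TCP protocol, the client networks and the function names are assumptions made for illustration.

```python
# Added example: the port table is from the answer above; source networks,
# the TCP assumption and the nftables output format are illustrative.
import ipaddress

SERVICE_PORTS = {
    "Policy Server": [44441, 44442, 44443, 44447, 44448, 44449, 44450],
    "CA Access Gateway (SPS)": [80, 443, 8080, 543, 8005, 8009],
    "Web Agent and Web Server": [80, 443],
    "AdminUI": [8080, 8443],
}

def inbound_rule(component, source_cidr, ports=None):
    """Render one nftables rule allowing source_cidr to reach a component.

    Only the destination port is matched; the client's source port is
    ephemeral, so the rule carries no 'sport' match at all.
    """
    allowed = SERVICE_PORTS[component]
    ports = sorted(set(ports or allowed))
    extra = [p for p in ports if p not in allowed]
    if extra:
        raise ValueError(f"{extra} not listed for {component}")
    net = ipaddress.ip_network(source_cidr)  # rejects malformed input
    if net.prefixlen == 0:
        raise ValueError("refusing an any-source rule; name the client network")
    family = "ip" if net.version == 4 else "ip6"
    port_set = ", ".join(str(p) for p in ports)
    return (f"{family} saddr {net} tcp dport {{ {port_set} }} "
            f'ct state new accept comment "{component}"')

def pins_source_port(rule_text):
    """True if a rule matches on a source port, which would drop clients."""
    return " sport " in f" {rule_text} "

if __name__ == "__main__":
    # Constructed client networks (RFC 5737 documentation ranges).
    print(inbound_rule("Policy Server", "192.0.2.0/24", [44441, 44442, 44443]))
    print(inbound_rule("AdminUI", "198.51.100.10/32"))
```

Restricting each rule to the client's source network keeps the rule narrow even though the source port has to stay open.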