Use a firewall between the Controller and a Monitoring Agent
To use a Controller and Monitoring Agent either side of a firewall, it is necessary to open a TCP port on the Monitoring Agent interface. This connection is established in the Controller to Agent direction.
Opening this port is sufficient to allow using the remote Monitoring Agent. Other ports must be opened on the firewall to use the automatic discovery function in the Controller to Agent direction and in the Agent to Controller direction. When these ports are closed, the Monitoring Agent machine host name must be declared manually on the Controller.
For more information about the numbers of the ports to open, see Ports to open.
- To change the default ports
- The TCP port opened by the Monitoring Agent may be changed by editing the [Network]Monitor.agent.server.port key in the <Load Generator>/conf/monitoringAgent.properties file on the Agent side, and the [Network]Monitor.agent.port key in the <Controller>/conf/controller.properties file on the Controller. Note that all Agents must use the same port.
- The TCP port opened by the Controller may be changed by editing the [Network]Controller.server.port key in the <Controller>/conf/controller.properties file.
- The UDP port opened by the Monitoring Agent may be changed by editing the [Network]multicast.port key in the <Load Generator>/conf/monitoringAgent.properties file on the Agent side, and the [Network]Monitor.agent.multicast.port key in the <Controller>/conf/controller.properties file on the Controller. Note that all the Monitoring Agents must have the same port declared.
NeoLoad and Windows firewall
Windows XP SP2 features a built-in firewall that is activated by default. When manually running the Generator Agent with MonitoringAgent.exe, Windows Firewall prompts the user to add the program to the exceptions. When running the program as a service, the firewall does not issue the prompt and automatically blocks the program. The firewall must be configured manually. It is necessary to add ports to the list of exceptions.
Monitoring Agent cannot be accessed from the Controller
For security reasons, opening a port in the Controller to Monitoring Agent direction may not be available. The Agent must be configured so that the connection is made from Agent to Controller.
To configure the connection from Agent to Controller, it is necessary to edit the monitoringAgent.properties file by adding the category [Polling]. The category includes the following required properties:
- polling.controller.addresses lists the Controller IP addresses or host names (separated by a comma) to which the Agent is to connect.
- polling.controller.port is the connection port for the Controller. This port must be the same for all the Controllers the Monitoring Agent is to connect to. The default port for the Controller is TCP 4569.
- polling.delay is the connection interval. The Monitoring Agent will try to connect to the Controllers, once these are started, at regular intervals. The default interval is 10 seconds.
This configuration only requires to open TCP 4569 (or the port set in the Monitoring Agent properties) on the firewall in the Agent to Controller direction. Once the Controller is started and a NeoLoad project is opened, the Monitoring Agent is visible within 10 seconds (as set in the polling.delay property).
Home