iSeries Access Through a Firewall | IBM i (OS/400, i5/OS)

Port Mapper
Port Mapper returns the port number for the requested server.
8476 (9476)
Sign-on is used for every iSeries Access connection to authenticate users and to change passwords. It is also used to retrieve Application Administration settings.
8470 (9470)
Central is used when an iSeries Access license is required. It’s also used for downloading conversion tables.
Data Queue
8472 (9472)
Data Queue allows access to the iSeries data queues, used for passing data between applications.
8471 (9471)
Database is used for accessing the OS/400 database.
Remote Command
8475 (9475)
Remote Command is used for sending commands from a PC to an iSeries and for program calls.
8473 (9473)
File is used for accessing any part of the OS/400 file system.
8474 (9474)
Print is used to access printers known to the OS/400.
Web Admin
2001 (2010)
Web Admin is used to access Web applications served by the iSeries.
446 (448)
DDM is used to access data via DRDA. It’s also used for record-level access.
23 (992)
Telnet is used to access 5250 emulation.
137, 138, 139, 8474
Netserver allows access to the OS/400 Integrated File System (IFS) from Windows PCs.
USF (or Ultimedia) is used for multimedia data. (Note: This server is being removed in a future release.)
389 (636)
LDAP provides a network directory service.
Management Central
5555 5544 5577 (5566)
Management Central is used to manage multiple iSeries 400s in a network.

Figure 1: These are the ports associated with the servers used by iSeries Access for Windows.

Figure 2 lists some common iSeries Access functions and the servers that they utilize. Using Figure 1 and Figure 2, you should be able to determine which ports you need to open on your firewall. Also, these two tables are available on the iSeries Access Web site, in the Information APARs section. Select II12227. This page is kept up-to-date with the latest information on iSeries Access port usage. There could be additions to this table at any time, although it’s likely that changes will be seen only on release boundaries.

Client Access Function
Servers Used
PC5250 display and printer emulation
Sign-on, Central, Telnet
Data transfer
Sign-on, Central, Database
Base iSeries Navigator support
Sign-on, Remote Command
All iSeries Navigator functions
Sign-on, Remote Command, File, Print, Database, Web Admin, Management Central, USF, Netserver, LDAP, Data Queue
Sign-on, Database
Sign-on, Database, DDM, Remote Command, Data Queue
AFP Viewer
Sign-on, Print
Client Access Install from iSeries
Incoming Remote Command
Uses no specific server, and iSeries port will vary. PC-side port is 512.
Fax support
Sign-on, Print


Leave a Reply

Your email address will not be published. Required fields are marked *