Firewall
It is necessary to open ports to use:
- 
                                                    the Controller and a Load Generator with a firewall 
- 
                                                    the Controller and a Monitoring Agent with a firewall 
 Use a firewall between the Controller and a Load Generator
Use a firewall between the Controller and a Load Generator
                                                To use a Controller and Load Generator either side of a firewall, it is necessary to open a TCP port on the Load Generator interface. This connection is established in the Controller-to-Load Generator direction.
Note: The communication between a NeoLoad controller and a Load Generator uses a Websocket over the TLS protocol.
Opening this port is sufficient to allow using the remote Load Generator. Other ports must be opened on the firewall to use the automatic discovery function in the Controller-to-Load Generator direction and in the Load Generator-to-Controller direction. When these ports are closed, the load generating machine host name must be declared manually on the Controller.
Note:  Default port of Load Generators is 7200 and of UDP is 1358. For more information about how to open the ports, see Ports to open. To be able to use the NeoLoad Cloud Platform, the URL https://cloud.saas.neotys.com:443 must be accessible from the Controller.
To change the default ports, follow these steps:
- 
                                                            The TCP port opened by the Load Generator Agent may be changed by editing the [Network]agent.server.portkey in the<Load Generator>/conf/agent.propertiesfile on the Load Generator side, and the[Network]agent.portkey in the<Controller>/conf/controller.propertiesfile on the Controller side.
- 
                                                            The TCP port opened by the Controller may be changed by editing the [Network]controller.server.portkey in the<Controller>/conf/controller.propertiesfile.
- 
                                                            The UDP port opened by the Load Generator Agent may be changed by editing the [Network]multicast.portkey in the<Load Generator>/conf/agent.propertiesfile on the Load Generator side, and the[Network]agent.multicast.portkey in the<Controller>/conf/controller.propertiesfile on the Controller. All Load Generators must have the same port declared.
NeoLoad and Windows firewall
Windows features a built-in firewall that is activated by default. When manually running the Generator Agent with Agent.exe, the Windows firewall prompts the user to add the program to the exceptions. When running the program as a service, the firewall does not issue the prompt and automatically blocks the program. The firewall must be configured manually. It is necessary to add the ports to the list of exceptions.
 Use a firewall between the Controller and a Monitoring Agent
Use a firewall between the Controller and a Monitoring Agent
                                                To use a Controller and Monitoring Agent either side of a firewall, it is necessary to open a TCP port on the Monitoring Agent interface. This connection is established in the Controller to Agent direction.
Opening this port is sufficient to allow using the remote Monitoring Agent. Other ports must be opened on the firewall to use the automatic discovery function in the Controller to Agent direction and in the Agent to Controller direction. When these ports are closed, the Monitoring Agent machine host name must be declared manually on the Controller.
Note: Default port of Load Generators is 7100 and of UDP is 1359. For more information about how to open the ports, see Ports to open.
To change the default ports, follow these steps:
- 
                                                            The TCP port opened by the Monitoring Agent may be changed by editing the [Network]Monitor.agent.server.portkey in the<Load Generator>/conf/monitoringAgent.propertiesfile on the Agent side, and the[Network]Monitor.agent.portkey in the<Controller>/conf/controller.propertiesfile on the Controller. Note that all Agents must use the same port.
- 
                                                            The TCP port opened by the Controller may be changed by editing the [Network]Controller.server.portkey in the<Controller>/conf/controller.propertiesfile.
- 
                                                            The UDP port opened by the Monitoring Agent may be changed by editing the [Network]multicast.portkey in the<Load Generator>/conf/monitoringAgent.propertiesfile on the Agent side, and the[Network]Monitor.agent.multicast.portkey in the<Controller>/conf/controller.propertiesfile on the Controller. Note that all the Monitoring Agents must have the same port declared.
NeoLoad and Windows firewall
Windows XP SP2 features a built-in firewall that is activated by default. When manually running the Generator Agent with MonitoringAgent.exe, Windows Firewall prompts the user to add the program to the exceptions. When running the program as a service, the firewall does not issue the prompt and automatically blocks the program. The firewall must be configured manually. It is necessary to add ports to the list of exceptions.
Monitoring Agent cannot be accessed from the Controller
For security reasons, opening a port in the Controller to Monitoring Agent direction may not be available. The Agent must be configured so that the connection is made from Agent to Controller.
To configure the connection from Agent to Controller, it is necessary to edit the monitoringAgent.properties file by adding the category [Polling]. The category includes the following required properties:
- 
                                                            polling.controller.addresseslists the Controller IP addresses or host names (separated by a comma) to which the Agent is to connect.
- 
                                                            polling.controller.portis the connection port for the Controller. This port must be the same for all the Controllers the Monitoring Agent is to connect to. The default port for the Controller isTCP 4569.
- 
                                                            polling.delayis the connection interval. The Monitoring Agent will try to connect to the Controllers, once these are started, at regular intervals. The default interval is 10 seconds.
This configuration only requires to open TCP 4569 (or the port set in the Monitoring Agent properties) on the firewall in the Agent to Controller direction. Once the Controller is started and a NeoLoad project is opened, the Monitoring Agent is visible within 10 seconds (as set in the polling.delay property).