When the client workstation connects to IAG Portal and the endpoint detection is done, the IAG needs to do some inbound queries to validate client components. The Whale components that are used during the incoming test on IE are called “Whale Add ons”. They are: WhlClnt3.exe, WhlClnt3.WhlCach3.exe, WhlDetect.dll and WhlMgr.dll. The ports that are used are 80 and 443 however there are dynamic ports but for loopback purpose. One problem that might happen with Windows XP SP2 when using loopback address is explained in KB884020. This problem can prevent the client workstation to accept the endpoint detection correctly; therefore the recommendation is to apply the hotfix 884020 on the XP Client that is facing this issue.
If your client has strict restrictions on the Windows Firewall exceptions, the recommendation is to add the files from Whale Add Ons to the exception list. Adding a program to the exception list is the official recommendation from Windows XP Firewall exceptions as explained below:
When you add a program to the exceptions list, Windows Firewall dynamically opens (unblocks) and closes (blocks) the ports required by the program. When the program is running and listening for incoming traffic, Windows Firewall opens the required ports; when the program is not running or is not listening for incoming traffic, Windows Firewall closes the ports. Because of this dynamic behavior, adding programs to the exceptions list is the recommended method for allowing unsolicited incoming traffic through Windows Firewall.
If you don’t want to open exception and want to disable this “incoming” checking you can add a custom script that in the folder \Whale-Com\e-Gap\von\InternalSite\CustomUpdate\ and create a file that contains the following line: