What ports does Director use?

Solution

Overview

What ports do I need to open in my firewall for Director?
If I use Port Address Translation (PAT), what ports do I need to forward for Director?

 

Cause
Resolution

With SGME 5.4.2 and later, the Director appliance uses the following ports:

  • 8082 for accessing the Director Management Console and to enable Director to start the ProxySG Management Console
  • 8085 for registering devices and for downloading the SGME 5.4.2.4 and later Java Network Launching Protocol (JNLP) application used to start the Management Console
  • 8086 for registering devices
  • 8087 is used to download jar files (introduced after private certs were allowed to be used on Director 6.1.12.1)
  • 22 for Secure Shell (SSH) access
  • 23 for Telnet if Telnet is enabled (Telnet is disabled by default)
  • 873 (UDP) for standby

The ports are used as follows:

  • Director Management Console to Web browser on 8085 (download the JNLP application)
  • Director Management Console to Director on 22 (for general communication)
  • Director Management Console to ProxySG on 8082 (for statistics only)
  • Director Management Console to Director on 8082 (for Java WebStart launch)
  • Director appliance to ProxySG on 8082 (getting updated Java Archive (.jar) files after a ProxySG upgrade)
  • Director appliance to ProxySG on 22
  • Director appliance to Director appliance on 873 (UDP) for standby
  • Registration, ProxySG to Director appliance on 8085 and 8086

 

TIPS FOR DIRECTOR, DNS, AND ICMP PINGS:

1: As indicated in NOTE2 below, Director uses ICMP pings before contacting each ProxySG.  If ICMP is disabled on the network, then Director will not function properly.  Please see 000008980 for details.

2: If you have not configured Director to point to a DNS server, the Director Management console will fail with a HTTP 500 error. See 000015284 for more details.

NOTE1: For more information on version 5.5.1.1., and the introduction of a webserver on port 80, see 000014310.

NOTE2:  A health check is done against each ProxySG appliance every minute To do this, the Director sends triggers this CLI command on each SG:

  • Director # show system-resource-metrics xml
  • A ping is also conducted prior to connecting to each.   For more information on this, see 000008980.

NOTE3: For more information on how to troubleshoot Director, using its journals, and logs, see  000011526.

NOTE4: For information on how to troubleshoot why you can't load the User Interface to login to Director, see 000014650.

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB3457
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat