Error: Invalid spaceKey on retrieving a related space config.

CM Ports

This topic lists the ports used by the CM agent for all different modules and provides some details on each.

Port overview

Component

Source

Destina-tion

Direction

TCP/ UDP

Service

Port number

Description

Database connection *

Master Server

Database Server

Bi-directional

TCP

TCP

Oracle: 1521 Postgres: 5432 SQL Server: 1433

For communication between the master server and the database. (* only if the database is on another server than the master)

Asset Discovery

Master Server

Client Devices

Bi-directional

TCP

SSH, WMI

22,135

The master server will communicate with agentless devices for Asset Discovery.

Agent Rollout

Master Server

Client Devices

Bi-directional

TCP

SSH, SMB

22,139

To install the CM agent on the client devices.

Client Agent communi-cation

Client Devices

Master Server

Bi-directional *

HTTP

1610

The default agent communication port. * Communication must be possible in the direction from the client to its parent, the downwards direction can be replaced by a tunnel.

CM console

Administra-tive computer

Master Server

Uni-directional

HTTP

1611 (1610)

The default console management port.

Bandwidth Throttling *

Relay

Client

Bi-directional

TCP

TCP

1609

The bandwidth management port on relay servers. (* only used if transfer windows are defined with a percentage)

MyApps

1611 (1610)

The MyApps port on the master server.

AutoDiscovery

TCP

TCP, HTTP

135,22, 23,139, 1610

TCP ports scanned for auto-discovery.

Multicast Traffic

Relay

Client

Uni-directional

UDP

UDP

2500 *

The multicast transfer agent listen port as configured. * An IP range must also be configured.

Active Directory LDAP

Master Server

LDAP Server

TCP

LDAP

389

To synchronize data from LDAP server to CM .

Email Server

Master Server, console

Email Server

Uni-directional

TCP

SMTP

25

To send alerts and reports on email to users. This port must be open on all devices from which emails are sent via the console.

WebAPI

Browser, Web service caller

Master Server

Bi-directional

TCP

HTTP

1616

The port for the web services.

Notifications

XML-RPC packets are sent between the communicating agents as notifications to execute actions.

Direction

Parent Server

Client

Description

Parameter

Any

Agent

Downstream notification

Parameter

Agent

Any

Upstream notification

HTTP Files Transfer

File transfer is executed via the HTTP protocol and passes via the FileStore, it concerns all types of inventories, synchronizations, packages, files, assignments, status, and so on.

Direction

Parent Server

Client

Description

Parameter

Any

Agent

Downstream (Package/Assign/Delete/Scripts ...)

Parameter

Agent

Any

Upstream (Status/Identity/Inventories...)

Parameter

Any

Multicast

Multicast

Bandwidth Calculation

To measure the currently available bandwidth, some TCP/IP packets are sent to the bandwidth management port at the defined rate, by default every 60 seconds, for the defined period of time, by default 200 ms.

Direction

Parent Server

Client

Description

Parameter

Bandwidth

Any

Data sent to calculate available bandwidth

Parameter

Any

Broadcast

Wake-on-LAN notification

Wake-On-LAN

The Wake-On-LAN sends a magic packet to the target devices to wake them up.

Direction

Parent Server

Client

Description

Parameter

Any

Broadcast

Wake-on-LAN notification

Remote Control

Remote control communication passes via images for the actual remote control connections, and uses notifications for access right verifications.

Direction

Console PC

Client

Description

Parameter

Any

Agent

Images transfer / keyboard orders

Direction

CM Master

Client

Description

Parameter

Any

Agent

Downstream notification for Privacy check + client answer

HCHL Web Interface

The agent web interface allows to access agent data via a browser.

Direction

Web Browser

Client

Description

Parameter

Any

Agent

General web interface features

MyApps Application Kiosk

MyApps is part of the agent web interface and allows to execute specific operations and install software packages via a browser and per user.

Direction

Web Browser

Client

Description

Parameter

Any

Kiosk

Web interface for user application kiosk

Direct Access

The Direct Access functionality provides access to specific areas (file system, Registry, services, Task Manager, ...) of a device via the console.

Direction

Console PC

Client

Description

Parameter

Any

Agent

Direct access functionalities

AutoDiscovery

The AutoDiscovery functionality scans the network for a any type of hardware (PCs, printers, servers, firewalls, routers, ...).

Direction

PC1

PC2

Description

Parameter

Any

ICMP

Ping

Parameter

Any

TCP

TCP port scan

Parameter

Any

Agent

Check for the presence of the CM agent (AgentGetIdentity)

Parameter

Any

Agent

Ask for the Autodiscovery list of other devices if the parameter CanLearn is enabled (AutodiscoveryListDevices)

Parameter

Any

Agent

Check if the device is a relay (RelayGetValue)

Ldap Synchronization

The CM master acts as a client to the LDAP server to synchronize its groups with those of the LDAP server, that is, devices and users (translated in CM into administrators and users).

Direction

CM Master

LDAP Server

Description

Parameter

Any

LDAP

LDAP synchronization

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Alessandro Ghezzi

    This page should be completed with some details:

    • Ports used during Asset Discovery (optional/required)
    • it seems that the Source is not really correct

      For example, Agent Rollout: the Source is Master Server, and it CAN BE correct, but IMHO a more correct definition would be "Rollout server". In some cases it can be the Master itself, but in many cases it is a different server

      The same consideration can be done for Asset Discovery (Scanner),  Active Directory (when using a Directory Server Proxy)

    • There are no Source/Destination/Direction for MyApps and AutoDiscovery
    • The "Direction" value si set to "Parameter" for many sections
    • The ports required for OSD are missing

    Sep 01, 2017 08:46