CM Ports
This topic lists the ports used by the CM agent for all different modules and provides some details on each.
Port overview
Component | Source | Destina-tion | Direction | TCP/ UDP | Service | Port number | Description |
|---|---|---|---|---|---|---|---|
Database connection * | Master Server | Database Server | Bi-directional | TCP | TCP | Oracle: 1521 Postgres: 5432 SQL Server: 1433 | For communication between the master server and the database. (* only if the database is on another server than the master) |
Asset Discovery | Master Server | Client Devices | Bi-directional | TCP | SSH, WMI | 22,135 | The master server will communicate with agentless devices for Asset Discovery. |
Agent Rollout | Master Server | Client Devices | Bi-directional | TCP | SSH, SMB | 22,139 | To install the CM agent on the client devices. |
Client Agent communi-cation | Client Devices | Master Server | Bi-directional * |
| HTTP | 1610 | The default agent communication port. * Communication must be possible in the direction from the client to its parent, the downwards direction can be replaced by a tunnel. |
CM console | Administra-tive computer | Master Server | Uni-directional |
| HTTP | 1611 (1610) | The default console management port. |
Bandwidth Throttling * | Relay | Client | Bi-directional | TCP | TCP | 1609 | The bandwidth management port on relay servers. (* only used if transfer windows are defined with a percentage) |
MyApps |
|
|
|
|
| 1611 (1610) | The MyApps port on the master server. |
AutoDiscovery |
|
|
| TCP | TCP, HTTP | 135,22, 23,139, 1610 | TCP ports scanned for auto-discovery. |
Multicast Traffic | Relay | Client | Uni-directional | UDP | UDP | 2500 * | The multicast transfer agent listen port as configured. * An IP range must also be configured. |
Active Directory LDAP | Master Server | LDAP Server |
| TCP | LDAP | 389 | To synchronize data from LDAP server to CM . |
Email Server | Master Server, console | Email Server | Uni-directional | TCP | SMTP | 25 | To send alerts and reports on email to users. This port must be open on all devices from which emails are sent via the console. |
WebAPI | Browser, Web service caller | Master Server | Bi-directional | TCP | HTTP | 1616 | The port for the web services. |
Notifications
XML-RPC packets are sent between the communicating agents as notifications to execute actions.
Direction | Parent Server | Client | Description |
|---|---|---|---|
Parameter | Any | Agent | Downstream notification |
Parameter | Agent | Any | Upstream notification |
HTTP Files Transfer
File transfer is executed via the HTTP protocol and passes via the FileStore, it concerns all types of inventories, synchronizations, packages, files, assignments, status, and so on.
Direction | Parent Server | Client | Description |
|---|---|---|---|
Parameter | Any | Agent | Downstream (Package/Assign/Delete/Scripts ...) |
Parameter | Agent | Any | Upstream (Status/Identity/Inventories...) |
Parameter | Any | Multicast | Multicast |
Bandwidth Calculation
To measure the currently available bandwidth, some TCP/IP packets are sent to the bandwidth management port at the defined rate, by default every 60 seconds, for the defined period of time, by default 200 ms.
Direction | Parent Server | Client | Description |
|---|---|---|---|
Parameter | Bandwidth | Any | Data sent to calculate available bandwidth |
Parameter | Any | Broadcast | Wake-on-LAN notification |
Wake-On-LAN
The Wake-On-LAN sends a magic packet to the target devices to wake them up.
Direction | Parent Server | Client | Description |
|---|---|---|---|
Parameter | Any | Broadcast | Wake-on-LAN notification |
Remote Control
Remote control communication passes via images for the actual remote control connections, and uses notifications for access right verifications.
Direction | Console PC | Client | Description |
|---|---|---|---|
Parameter | Any | Agent | Images transfer / keyboard orders |
Direction | CM Master | Client | Description |
Parameter | Any | Agent | Downstream notification for Privacy check + client answer |
HCHL Web Interface
The agent web interface allows to access agent data via a browser.
Direction | Web Browser | Client | Description |
|---|---|---|---|
Parameter | Any | Agent | General web interface features |
MyApps Application Kiosk
MyApps is part of the agent web interface and allows to execute specific operations and install software packages via a browser and per user.
Direction | Web Browser | Client | Description |
|---|---|---|---|
Parameter | Any | Kiosk | Web interface for user application kiosk |
Direct Access
The Direct Access functionality provides access to specific areas (file system, Registry, services, Task Manager, ...) of a device via the console.
Direction | Console PC | Client | Description |
|---|---|---|---|
Parameter | Any | Agent | Direct access functionalities |
AutoDiscovery
The AutoDiscovery functionality scans the network for a any type of hardware (PCs, printers, servers, firewalls, routers, ...).
Direction | PC1 | PC2 | Description |
|---|---|---|---|
Parameter | Any | ICMP | Ping |
Parameter | Any | TCP | TCP port scan |
Parameter | Any | Agent | Check for the presence of the CM agent (AgentGetIdentity) |
Parameter | Any | Agent | Ask for the Autodiscovery list of other devices if the parameter CanLearn is enabled (AutodiscoveryListDevices) |
Parameter | Any | Agent | Check if the device is a relay (RelayGetValue) |
Ldap Synchronization
The CM master acts as a client to the LDAP server to synchronize its groups with those of the LDAP server, that is, devices and users (translated in CM into administrators and users).
Direction | CM Master | LDAP Server | Description |
|---|---|---|---|
Parameter | Any | LDAP | LDAP synchronization |