Network ports


The following table explains the default configurations of protocols and ports for different services.

Service

Port

Protocol

Flow

Function

Default state

Port configurable

Notes

HTTPS

443

TCP

Inbound

Management UI

Enabled

Yes

Hardened Apache/Tomcat

HTTPS

443

TCP

Inbound

Log retrieval

Disabled

Yes

 

HTTPS

443

TCP

Outbound

Communication between the following components and systems:

  • AM Console and Analyzer
  • Analyzer and Collector
  • Collector and a Cloud Probe
  • REST API calls between systems
  • Analyzer and a PATROL Agent (running the BMC PATROL Knowledge Module for End User Experience Management)
  • AM Console and synthetic TEA Agent

Enabled

Yes

If the two components using this port are on different sides of a firewall, make sure to allow traffic through the port on your firewall.

Use port 4443 for communications between the Cloud Probe and APM Central (if the default ports are in use).

HTTP

80

TCP

Inbound

Redirect to 443 for UI

Enabled

Yes

Hardened Apache/Tomcat

HTTP

80

TCP

Inbound

Log retrieval

Disabled

Yes

 

SSH (CLI)

22

TCP

Inbound

Initial configuration

Disabled

No

Only SSHv2 supported

For troubleshooting, the command-line interface (CLI) of all components requires access via port 22 (SSH).

SNMP

161

UDP

Inbound

SNMP polling

Disabled

Yes

v1/v2/v3 supported

v3 security optional

SNMP

162

UDP

Outbound

SNMP traps (including communication from the Analyzer to trap-based event integrations with BMC PATROL and BMC ProactiveNet)

Disabled

Yes

v1/v2/v3 supported

v3 security optional

SMTP

25

TCP

Outbound

Email alerts/reports

Disabled

Yes

Secure STARTTLS authentication optional

SMTP

465

TCP

Outbound

Email alerts/reports

Disabled

Yes

Secure SMTPS authentication optional

Syslog

514

UDP

Outbound

System events

Disabled

No

 

NTP

123

TCP / UDP

Inbound
Outbound

Time sync

Disabled

No

 

LDAP

389

TCP

Outbound

LDAP user account authentication

Disabled

Yes

Non-Secure or LDAPS (Secure LDAP, also known as LDAP over SSL)

RcSP

(Record Streaming Protocol)

 

22031

22032

22033

TCP

Inbound

Network traffic collection by an Analyzer or Monitor

  • Port 22031 streams Objects.
  • Port 22032 streams Pages.
  • Port 22033 streams Sessions.

Enabled

No

TLS/SSLv3 secure

RcSP is a BMC proprietary protocol.

RcSP

22031

22032

22033

TCP

Outbound

Send traffic data from an Analyzer or Monitor to the Performance Analytics Engine for processing

Enabled

No

TLS/SSLv3 secure

Oracle Listener

1521

TCP

Inbound

Communication between the Extended Reporting data warehouse (Oracle instance) and the SAP BusinessObjects Central Management Server

Enabled

Yes

 

NFS / CIFS

445

TCP

Inbound

Communication between the Aggregation Server and the Network Attached Storage (NAS) device

Enabled

No

 

HTTP

HTTPS

8100

8143

TCP

Inbound

Communication to a Diagnostics Portal from a Diagnostics Collector, Diagnostics Agent, or the AM Console

Enabled

Yes

 

HTTP

HTTPS

8200

8243

TCP

Inbound

Communication to a Diagnostics Collector from a Diagnostics Portal or Diagnostics Agent

Enabled

Yes

 

Note

 For outbound communication, the ports listed are the ports to which a component connects.

Related topics

The following topics provide information on how to the configure ports utilized by the APM system components: