The ports open for each security level are listed in the table below. Additionally, in the General Configuration section of the Settings interface (Settings > System, Updates, and Licensing > General Configuration > Configuration Options), there is a field named dataport_count. This field represents the number of TCP ports allowed to be opened for data transfer. This value includes the control value and four additional ports to determine the actual port numbers from which to select. When any level of security is enabled, the control value is 1745. The default number of additional ports added to 1745 is four. When configuring a firewall (using a security setting and a dataport count of five), ports 1745 through 1749 should be opened between the system and the clients the system protects.
Note: About replication and vaulting - Port 1 must be open during the initial configuration of replication or legacy vaulting. During replication or vaulting setup, if you configure a secure tunnel using OpenVPN (the recommended configuration), port 1194 is used for all communication between the source and target (or vault) systems. If you do not configure a secure tunnel using OpenVPN, ports 1743,1745 and 5432 are required for managing a system from the replication target or vault. Additionally, if you do not configure a secure tunnel using OpenVPN, port 80 is used for replication and port 22 for vaulting. The necessary ports must be open in the firewall for management of the system from the replication target or vault. For more details, see KB 3372.
See these topics for open port details:
The following table describes the ports that are open for the low security level:
Low Security Level |
|
---|---|
Open ports |
Usage |
1 |
Replication or legacy vaulting setup |
22 |
Secure shell |
80 |
HTTP web access |
139 |
Samba share |
161 |
SNMP |
443 |
Secure HTTP web access |
445 |
CIFS |
873 |
Rsync |
888 |
3ware web access |
1194 |
OpenVPN |
1743 |
Extended Internet daemon |
1744 |
Extended Internet daemon |
1745 |
Extended Internet daemon |
1746 |
Extended Internet daemon |
1747 |
Extended Internet daemon |
1748 |
Extended Internet daemon |
1749 |
Extended Internet daemon |
2049 |
Network file system |
3260 |
iSCSI |
4970 |
Postgres database access |
5432 |
Postgres database access |
5801 |
VNC (Java) access |
5900 |
VNC access |
5902 |
VNC access |
6001 |
VNC HTTP web access |
10000 |
NDMP |
The following table describes the ports that are open for the medium security level:
Medium Security Level |
|
---|---|
Open ports | Usage |
1 |
Replication or legacy vaulting setup |
22 |
Secure shell |
139 |
Samba share |
443 |
Secure HTTP web access |
445 |
CIFS |
1194 |
OpenVPN |
1743 |
Extended Internet daemon |
1745 |
Extended Internet daemon |
1746 |
Extended Internet daemon |
1747 |
Extended Internet daemon |
1748 |
Extended Internet daemon |
1749 |
Extended Internet daemon |
4970 |
Postgres database access |
5432 |
Postgres database access |
3260 |
iSCSI |
10000 |
NDMP |
The following table describes the ports that are open for the high security level:
High Security Level | |
---|---|
Ports open | Usage |
1743 |
Extended Internet daemon |
1745 |
Extended Internet daemon |
1746 |
Extended Internet daemon |
1747 |
Extended Internet daemon |
1748 |
Extended Internet daemon |
1749 |
Extended Internet daemon |