Installation guide
153
Security Engine Ports
Security Engine Ports
The illustrations below present an overview to the most important default ports used in
communications between Security Engines and the SMC and between clustered Security Engine
nodes. See the table below for a complete list of default ports for the engines.
Illustration B.3 Destination Ports for Basic Security Engine Communications
Illustration B.4 Default Destination Ports for Security Engine Service Communications
Note – Master Engines use the same default ports as clustered Security Engines. Virtual
Security Engines do not communicate directly with other system components.
Other Node(s) in the Cluster
Log Server
Security Engine /
Master Engine
Management Server
TCP:
3020
TCP:
636
4950
4987
8888
Or none*
TCP:
3021
3023
8906*
*Single engines with “Node-initiated Contact to Management Server” selected.
TCP:
3002
3003
3010
UDP:
3000
3001
Multicast
(Heartbeat
interfaces)
Server Pool*
DNS Server
LDAP Server* RADIUS Server*
TACACS+
Server*
DHCP Server*
SNMP Server
RPC
Server*
Security Engine /
Master Engine
VPN Clients*
VPN
Gateways*
UDP:
500
2746
4500
UDP:
68
UDP:
161
UDP:
67
UDP:
162
TCP, UDP:
111
UDP:
7777
TCP:
389
636
UDP:
1812
1645
TCP, UDP:
53
TCP:
49
UDP:
500
4500
UDP:
500
2746
4500
User Agent*
TCP:
16661
* Engines in the Firewall/VPN role.