58478: Acronis Disaster Recovery Service: CDP/NSS Port Usage

Last update: 02-09-2016

CDP/NSS use the following ports for incoming requests. Network firewalls should allow access through these ports for successful communication. To maintain a high level of security, you should disable all unnecessary ports. The ports are not used unless the associated option is enabled in CDP/NSS. For FalconStor appliances, the ports marked ** are enabled by default.

Protocol Port Usage
TCP 20 Standard FTP data port
UDP 20 Standard FTP data port
TCP 21 Standard FTP port
UDP 21 Standard FTP port
TCP 22** Standard Secure Shell (SSH) port for remote connection to the server
TCP 23 Standard Telnet port for remote connection to the server
UDP 23 Standard Telnet port for remote connection to the server
TCP 25 Standard SMTP port for E-mail Alerts
UDP 25 Standard SMTP port for E-mail Alerts
UDP 67 DHCP port for iSCSI Boot (BootIP) option
UDP 68 DHCP port for iSCSI Boot (BootIP) option
UDP 69 TFTP (Trivial File Transfer Protocol) port for iSCSI Boot (BootIP) option
HTTP 80** Standard HTTP port to access FalconStor Web Setup and is also used for online registration of license key codes.
Note: Port 80 is used to send license information to the FalconStor license server for registration. Registration reply is then sent back using HTTP protocol, where a local random port number is used on the server in the same way as Web-based pages. The firewall does not block the reply if the 'established bit' is set to let established traffic in.
HTTP 81** Standard HTTP port to access FalconStor Management Console via Web Start
TCP 111 rpcbind RPC program number mapper (NFS)
UDP 111 rpcbind RPC program number mapper (NFS)
Note: NFS port usage is assigned through the SUNRPC protocol. The ports vary, so it is not possible or convenient to keep checking them and reprogramming a firewall. Most firewalls have an "Enable NFS" option to change settings if ports change.
UDP 123 Standard Network Time Protocol (NTP) transport layer to access external time servers
UDP 137 ipstornmbd NETBIOS Name Service for CIFS protocol
UDP 138 ipstornmbd NETBIOS Datagram Service for CIFS protocol
TCP 139 ipstorsmbd NETBIOS Session Service for CIFS protocol
UDP 161 SNMP port for SNMP queries
HTTPS 443** Standard secure HTTP port to access FalconStor Web Setup
UDP 623** Failover IPMI power control port
HTTPS 1311 Management port for DELL servers for hardware configuration
TCP 2009 ENFSD core file system driver for FalconStor HyperFS
UDP 2009 ENFSD core file system driver for FalconStor HyperFS
TCP 2049 nfsd NFS server for FalconStor HyperFS
UDP 2049 nfsd NFS server for FalconStor HyperFS
TCP 3260 Communication port between iSCSI clients and the server. Also used for iSCSI Boot (BootIP) option.
UDP 4011 PXE port for iSCSI Boot (BootIP) option
TCP 5001 isttcp port to test network connection
TCP 8009 Standard Apache AJP port to access FalconStor Web Setup
TCP 8443 Apache Tomcat SSL communication port between FalconStor FileSafe clients and FileSafe server for internal commands
TCP 11576** Secure RPC communication port between FalconStor Management Console and the server
TCP 11577** Communication port between servers for data replication
UDP 11577** Communication port between servers for data replication
TCP 11578** Communication port between replication servers for 56-bit authentication
UDP 11578** Communication port between replication servers for 56-bit authentication
TCP 11579** Communication port between replication servers for 128-bit authentication
UDP 11579** Communication port between replication servers for 128-bit authentication
TCP 11580** Communication port between failover pair
TCP 11582** Communication port for Command Line Interface (CLI)
TCP 11588 Communication port between FalconStor CCM and the server
TCP 11762 ipstorclntd SecureRPC communication port between SAN Clients and the server for management functions such as snapshot notification, configuration, and retrieval of client information.
Note: If you have a DiskSafe client behind a firewall, you need to open this port on that firewall in order to have secure communication between DiskSafe and the server.
TCP 18651 Communication port between FalconStor FileSafe clients and FileSafe server for data copy

Although you may temporarily open some ports during initial setup of the CDP/NSS appliance, such as the telnet port (23) and FTP ports (20 and 21), you should close them after your work is complete.

Tags: