Acronis Disaster Recovery Service: CDP/NSS Port Usage
CDP/NSS use the following ports for incoming requests. Network firewalls should allow access through these ports for successful communication. To maintain a high level of security, you should disable all unnecessary ports. The ports are not used unless the associated option is enabled in CDP/NSS. For FalconStor appliances, the ports marked ** are enabled by default.
| Protocol | Port | Usage |
| TCP | 20 | Standard FTP data port |
| UDP | 20 | Standard FTP data port |
| TCP | 21 | Standard FTP port |
| UDP | 21 | Standard FTP port |
| TCP | 22** | Standard Secure Shell (SSH) port for remote connection to the server |
| TCP | 23 | Standard Telnet port for remote connection to the server |
| UDP | 23 | Standard Telnet port for remote connection to the server |
| TCP | 25 | Standard SMTP port for E-mail Alerts |
| UDP | 25 | Standard SMTP port for E-mail Alerts |
| UDP | 67 | DHCP port for iSCSI Boot (BootIP) option |
| UDP | 68 | DHCP port for iSCSI Boot (BootIP) option |
| UDP | 69 | TFTP (Trivial File Transfer Protocol) port for iSCSI Boot (BootIP) option |
| HTTP | 80** | Standard HTTP port to access FalconStor Web Setup and is also used for online registration of license key codes. Note: Port 80 is used to send license information to the FalconStor license server for registration. Registration reply is then sent back using HTTP protocol, where a local random port number is used on the server in the same way as Web-based pages. The firewall does not block the reply if the 'established bit' is set to let established traffic in. |
| HTTP | 81** | Standard HTTP port to access FalconStor Management Console via Web Start |
| TCP | 111 | rpcbind RPC program number mapper (NFS) |
| UDP | 111 | rpcbind RPC program number mapper (NFS) Note: NFS port usage is assigned through the SUNRPC protocol. The ports vary, so it is not possible or convenient to keep checking them and reprogramming a firewall. Most firewalls have an "Enable NFS" option to change settings if ports change. |
| UDP | 123 | Standard Network Time Protocol (NTP) transport layer to access external time servers |
| UDP | 137 | ipstornmbd NETBIOS Name Service for CIFS protocol |
| UDP | 138 | ipstornmbd NETBIOS Datagram Service for CIFS protocol |
| TCP | 139 | ipstorsmbd NETBIOS Session Service for CIFS protocol |
| UDP | 161 | SNMP port for SNMP queries |
| HTTPS | 443** | Standard secure HTTP port to access FalconStor Web Setup |
| UDP | 623** | Failover IPMI power control port |
| HTTPS | 1311 | Management port for DELL servers for hardware configuration |
| TCP | 2009 | ENFSD core file system driver for FalconStor HyperFS |
| UDP | 2009 | ENFSD core file system driver for FalconStor HyperFS |
| TCP | 2049 | nfsd NFS server for FalconStor HyperFS |
| UDP | 2049 | nfsd NFS server for FalconStor HyperFS |
| TCP | 3260 | Communication port between iSCSI clients and the server. Also used for iSCSI Boot (BootIP) option. |
| UDP | 4011 | PXE port for iSCSI Boot (BootIP) option |
| TCP | 5001 | isttcp port to test network connection |
| TCP | 8009 | Standard Apache AJP port to access FalconStor Web Setup |
| TCP | 8443 | Apache Tomcat SSL communication port between FalconStor FileSafe clients and FileSafe server for internal commands |
| TCP | 11576** | Secure RPC communication port between FalconStor Management Console and the server |
| TCP | 11577** | Communication port between servers for data replication |
| UDP | 11577** | Communication port between servers for data replication |
| TCP | 11578** | Communication port between replication servers for 56-bit authentication |
| UDP | 11578** | Communication port between replication servers for 56-bit authentication |
| TCP | 11579** | Communication port between replication servers for 128-bit authentication |
| UDP | 11579** | Communication port between replication servers for 128-bit authentication |
| TCP | 11580** | Communication port between failover pair |
| TCP | 11582** | Communication port for Command Line Interface (CLI) |
| TCP | 11588 | Communication port between FalconStor CCM and the server |
| TCP | 11762 | ipstorclntd SecureRPC communication port between SAN Clients and the server for management functions such as snapshot notification, configuration, and retrieval of client information. Note: If you have a DiskSafe client behind a firewall, you need to open this port on that firewall in order to have secure communication between DiskSafe and the server. |
| TCP | 18651 | Communication port between FalconStor FileSafe clients and FileSafe server for data copy |
Although you may temporarily open some ports during initial setup of the CDP/NSS appliance, such as the telnet port (23) and FTP ports (20 and 21), you should close them after your work is complete.