Netsight 6.3 communication ports thru windows firewall

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
Does anyone have handy the list of inbound and outbound ports that a windows firewall would need to allow communication for netsight?
Photo of Sarah Seidl

Sarah Seidl

  • 1,356 Points 1k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Taykin Izzet

Taykin Izzet , Employee

  • 3,206 Points 3k badge 2x thumb
Sarah, there is a Firewall Considerations section in the Release Notes. The excerpt is as follows:

  • The NetSight Server runs on a set of non-standard ports. These TCP ports (4530-4533) must be accessible through firewalls for clients to connect to the server.
    4530/4531 -- JNP (JNDI)
    4532 -- JRMP (RMI)
    4533 -- UIL (JMS)
  • Port 8080 (Default HTTP traffic) must be accessible through firewalls for users to install and launch NetSight client applications.
  • Port 8443 (Default HTTPS traffic) must be accessible through firewalls for clients to access the NetSight Server Administration web pages, NetSight OneView, and NAC Dashboard.
  • Port 8444 (Default HTTPS traffic) must be accessible through firewalls for clients to access the NAC Appliance Administration web pages.
  • The following ports must be accessible through firewalls for the NetSight Server and a NAC appliance to communicate:
    Required Ports (all bi-directionally)
    TCP: 4530-4533, 4589, 8080, 8443, 8444
    UDP: 161, 162
  • The following port must be accessible through firewalls for NAC appliance to NAC appliance communication:
    TCP: 8444
  • The following ports must be accessible through firewalls for NAC appliance-to-NAC appliance communication in order for assessment agent mobility to function properly:
    TCP: 8080, 8443
  • The following ports must be accessible through firewalls from every end-system subnet subject to the NAC assessment agent to every NAC appliance in order to support agent mobility:
    TCP: 8080, 8443
  • The following ports must be accessible through firewalls for the NetSight Server and Wireless Controllers to communicate:
    SSH: 22
    SNMP: 161, 162
    Langley: 20506
  • The following ports must be accessible through firewalls for the NetSight Server and WAS to communicate:
    TCP: Port 8443 - Used by WAS to authenticate NetSight users. This port corresponds to NetSight’s HTTPs Web Server port.
    TCP: Port 443 - Import data from NetSight into WAS.
    TCP: Port 8080 - Upgrade WAS from WAS UI.
  • Port 2055 must be accessible through firewalls for the NetSight Server to receive NetFlow data.

You can access the Release notes on the NetSight welcome page once NetSight is installed.
(Edited)