Port Tables

For a ports diagram, see CTERA Portal Ports Diagram

Inbound Ports

Port Protocol Notes
22 TCP SSH. CTERA recommends limiting SSH access to specific IP addresses that may require access to the CTERA application servers, for example to perform scheduled maintenance and support related work.
53 UDP DNS resolution server (If portal internal DNS server is registered in DNS)
80 TCP HTTP (redirects to port 443)
443 TCP HTTPS
995 TCP CTTP protocol communications with CTERA Edge Filers and agents. For details about CTTP, see What is the CTTP Transport Protocol
8443 TCP Communications with CTERA Edge Filers for log collection

Outbound Ports

Port Protocol Notes
25 TCP Default SMTP port. This port can be configured on the SMTP server and specified in the portal Web interface
80 TCP HTTP
88 TCP & UDP If Kerberos is used
111 TCP NFS, only required if NFS version 3 storage is used
123 UDP NTP (Network Time Protocol)
389 TCP & UDP LDAP/LDAP GC (Global Catalog)
443 TCP HTTPS
514 UDP Default Syslog port. This port can be configured on the Syslog server
636 TCP LDAP and LDAP GC with TLS (CTERA recommends using LDAPS and LDAPS GC instead of LDAP and LDAP GC)
1344 TCP If using an antivirus server
2049 TCP NFS, only required if NFS version 4.x storage is used
3128 TCP Default Proxy server port, only required if a proxy server is defined in the global administration, where a different port can be configured
3268 TCP & UDP LDAP/LDAP GC (Global Catalog)
3269 TCP LDAPS and LDAPS GC (CTERA recommends using LDAPS and LDAPS GC instead of LDAP and LDAP GC)
5671 TCP Only required when using the Varonis service. This port can be configured in Varonis Data Security Platform
5696 TCP Only required when using the Key Management service to connect to the Key Management Interoperability Protocol (KMIP) server
6514 TCP Default Syslog port over TCP/TLS, can be configured on the Syslog server
9094 TCP Only required when using CTERA Insight

Additional Ports Not Requiring Internet Access

The following ports must be opened between the CTERA Portal servers.

Port Protocol Notes
22, 443 TCP SSH, internal messaging between CTERA Portal servers.
2181, 2888, 3888, 4646, 4647, 5044, 5432, 8081, 8082, 8083, 8088, 9092, 9093, 9094, 9095, 9600, 12181, 19092, 39092 TCP Internal communication between CTERA Portal server micro services.
Port 5432 is used for PostgreSQL access from all cluster members to the main and replication databases.
4648, 8300, 8301, 8500, 8600 TCP & UDP Internal communication between CTERA Portal server micro services.
18682 TCP Only required when a Preview server is used.
Note

CTERA recommends opening a wide port range, 2000-9999, as additional ports might be added with new CTERA Portal versions and the current port numbers might change.

Warning

CTERA Portal operates behind a firewall, and it is important to leave all other ports closed.