Port Assignments When Using a Firewall
When network communication between Recovery Appliance and other components requires access through a firewall, you must open ports used by the Recovery Appliance services.
Note:
A firewall may not be used between components of the Recovery Appliance.
Table 3-2 lists the ports used by services on Recovery Appliance. Review the list and open the necessary ports. All ports are on the management network, unless otherwise noted.
Table 3-2 Open Ports for the Firewall
| Source | Target | Protocol | Port | Application |
|---|---|---|---|---|
|
NA |
Database management |
SSH over TCP |
22 |
SSH |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
SSH over TCP |
22 |
SSH |
|
NA |
Storage management |
SSH over TCP |
22 |
SSH |
|
Storage servers |
email server |
SMTP |
25 465 if using SSL |
SMTP (Simple Mail Transfer Protocol) |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
TFTP over UDP |
69 |
Outgoing TFTP (Trivial File Transfer Protocol) |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
HTTP over TCP |
80 |
Web (user configurable) |
|
NA |
PDU |
HTTP over TCP |
80 |
Browser interface |
|
Database management |
NA |
NTP over UDP |
123 |
Outgoing Network Time Protocol (NTP) |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
NTP over UDP |
123 |
Outgoing NTP |
|
Storage management |
NA |
NTP over UDP |
123 |
Outgoing NTP |
|
ASR Manager |
ASR asset |
SNMP (get) |
161 |
FMA enrichment for additional diagnostic information |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
SNMP over UDP |
161 |
SNMP (Simple Network Management Protocol) (user configurable) |
|
NA |
PDU |
SNMP over UDP |
161 |
SNMP (user configurable) |
|
Storage servers |
SNMP subscriber such as Oracle Enterprise Manager Cloud Control or an SNMP manager |
SNMP |
162 |
SNMP version 1 (SNMPv1) outgoing traps (user-configurable) |
|
Compute servers and storage server ILOMs |
ASR Manager |
SNMP |
162 |
Telemetry messages sent to ASR Manager |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
IPMI over UDP |
162 |
Outgoing IPMI (Intelligent Platform Management Interface) Platform Event Trap (PET) |
|
PDU |
NA |
SNMP over UDP |
162 |
Outgoing SNMPv2 traps |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
LDAP over UDP/TCP |
389 |
Outgoing LDAP (Lightweight Directory Access Protocol) (user configurable) |
|
ASR Manager |
ASR back end |
HTTPS |
443 |
Telemetry messages sent to ASR back end |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
HTTPS over TCP |
443 |
Web (user configurable) |
|
NA |
PDU |
HTTPS over TCP |
443 |
Browser interface |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
Syslog over UDP |
514 |
Outgoing Syslog |
|
PDU |
NA |
Syslog over UDP |
514 |
Outgoing Syslog |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
DHCP over UDP |
546 |
client DHCP (Dynamic Host Configuration Protocol) |
|
PDU |
NA |
DHCP over UDP |
546 |
DHCP (Dynamic Host Configuration Protocol) client |
|
NA |
Compute servers, storage servers, and InfiniBand ILOMs |
IPMI over UDP |
623 |
IPMI (Intelligent Platform Management Interface) |
|
Oracle Enterprise Manager Cloud Control |
NA |
TCP |
1159 |
Oracle Enterprise Manager Cloud Control HTTPS upload port |
|
Oracle Enterprise Manager Cloud Control |
NA |
TCP |
1159 |
Oracle Enterprise Manager Cloud Control HTTPS upload port |
|
NA |
Database data |
SQL*Net over TCP |
1521 |
Database listener |
|
Protected database |
Recovery Appliance |
SQL*Net over TCP |
1521 (ingest network) |
RMAN backup and restore |
|
Upstream Recovery Appliance |
Downstream Recovery Appliance |
SQL*Net over TCP |
1522 (replication network) |
Recovery Appliance Replication |
|
Compute servers, storage servers, and InfiniBand ILOMs |
NA |
RADIUS over UDP |
1812 |
Outgoing RADIUS (Remote Authentication Dial In User Service) (user configurable) |
|
Oracle Enterprise Manager Grid Control |
NA |
TCP |
4889 |
Oracle Enterprise Manager Cloud Control HTTP upload port |
|
Oracle Enterprise Manager Grid Control |
NA |
TCP |
4889 |
Oracle Enterprise Manager Cloud Control HTTP upload port |
|
NA |
Compute server and storage server ILOMs |
TCP |
5120 |
ILOM remote console: CD |
|
NA |
Compute server and storage server ILOMs |
TCP |
5121 |
ILOM remote console: keyboard and mouse |
|
NA |
Compute server and storage server ILOMs |
TCP |
5123 |
ILOM remote console: diskette |
|
NA |
Compute server and storage server ILOMs |
TCP |
5555 |
ILOM remote console: encryption |
|
NA |
Compute server and storage server ILOMs |
TCP |
5556 |
ILOM remote console: authentication |
|
ASR Manager |
Compute server and storage server ILOMs |
HTTP |
6481 |
Service tags listener for asset activation |
|
NA |
Compute server and storage server ILOMs |
TCP |
6481 |
ILOM remote console: |
|
NA |
Compute server and storage server ILOMs |
TCP |
7578 |
ILOM remote console: video |
|
NA |
Compute server and storage server ILOMs |
TCP |
7579 |
ILOM remote console: serial |
|
NA |
Compute servers |
TCP |
7777 |
Oracle Enterprise Manager Grid Control HTTP console port |
|
NA |
Storage servers |
TCP |
7777 |
Oracle Enterprise Manager Grid Control HTTP console port |
|
NA |
Compute servers |
TCP |
7799 |
Oracle Enterprise Manager Grid Control HTTPS console port |
|
NA |
Storage servers |
TCP |
7799 |
Oracle Enterprise Manager Grid Control HTTPS console port |
|
Protected database |
Recovery Appliance |
HTTP |
8001 (ingest network) |
RMAN backup and restore |
|
Upstream Recovery Appliance |
Downstream Recovery Appliance |
HTTP |
8001 (replication network) |
Recovery Appliance Replication |