What network ports and protocols are required for TippingPoint device operations?

Updated: 25 Oct 2018
Product/Version:
    • TippingPoint 1500SSL
    • TippingPoint CoreController All
    • TippingPoint IPS N-series All
    • TippingPoint IPS NX-series All
    • TippingPoint IPS S-series All
    • TippingPoint NGFW All
    • TippingPoint SecBlade All
    • TippingPoint SMS All
    • TippingPoint Threat Management Center
    • TippingPoint TPS All
    • TippingPoint Virtual SMS
    • TippingPoint Virtual TPS All

Summary
This article discusses the network ports and protocols that TippingPoint devices require for operation. Some ports are always required; others are required depending on your system configuration. You can make other ports available for optional tasks.
  • Required Ports
  • Active Response Ports
  • High Availability (HA) Ports
  • Optional Ports
Details

Required Ports

The following table lists and describes the ports that must be made available in order to obtain full system functionality.

Network ports required to use the SMS client

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 22/TCP | SSH | SMS Client | SMS Server | CLI Management of SMS |
| 9033/TCP | SMS | SMS Client | SMS Server | Required for the SMS client to connect to the SMS server |
| 10042/TCP | SMS | SMS Client | SMS Server | |
| 943/TCP | HTTPS | SMS Client | SMS Server | SMS Restore |
| 443/TCP | HTTPS | SMS Client Browser | SMS Server | File downloads, such as client installation, exported reports, Web services (if configured) |

Network ports required for the SMS to manage TippingPoint devices

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 161/UDP | SNMP (agent) | SMS Server | IPS | SMS Management |
| 443/TCP | HTTPS | SMS Server | TPS/IPS/NGFW | SMS Management |
| 8162/UDP | SNMP (trap) | IPS/TPS | SMS Server | SMS Traps from device to SMS |
| 8163/UDP | SNMP (trap) | IPS/TPS | SMS Server | |

Network ports required for the SMS to access the TMC for software and security updates

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 80/TCP | HTTP | SMS Server | Outbound | Digital Vaccine updates from TMC |
| 443/TCP | HTTPS | SMS Server | TMC | Updates from TMC. For new SMS installations, this port is the NEW default for communication with the TMC. |
| 4043/TCP | HTTPS | SMS Server | TMC | Updates from TMC. If your installation is prior to v2.5.1, this port is the default for communication with the TMC. Upgrading does not change this port setting. |
| 43/TCP | WhoIs | SMS Server | whois.arin.net, whois.apnic.net, whois.ripe.net, whois.lacnic.net | Perform WhoIs lookups |
 

Active Response Ports

SMS Active Response is a policy-based service that reacts to its inputs in order to perform a set of actions. How it reacts and the set of actions taken are based on the Active Response policies configured and enabled in the SMS. A policy can be triggered in several ways: thresholding, manually, web service, or escalation of an IPS Quarantine action. Policies can be configured to include and/or exclude a set of IP addresses. The following table lists and describes the Active Response ports that should be made available. These ports are determined by the use of Active Response on SMS.

Active Response (Actions) Port Availability

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 25/TCP | SMTP | SMS Server | Mail Server | Active Response Email action |
| 162/UDP | SNMP | SMS Server | Remote Host | Active Response SNMP action |
| 162/UDP | SNMP | SMS Server | Remote Host | Active Response NMS action |
| 514/UDP | Syslog | SMS Server | Syslog Server | Active Response Syslog action |
| 1812/UDP | Radius | SMS Server | External Switch | Radius proxy (required for Active Response Switch disconnect action) |

Active Response (triggers) for the port availability

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 162/UDP | SNMP | SMS Server | NMS Server | SNMP Traps from an SNMP Client or NMS Server, such as 3Com Network Directory (3ND) to Active Response |
| 443/TCP | HTTPS | SMS Server | External Host | Trigger Active Response via URL, IP correlation lookup, IP or MAC lookup |

 

 

High Availability (HA) Ports

The following table lists and describes the High Availability ports that you must make available. In addition to these HA ports, all of the ports listed in the "Required Port Availability" must be open for both Primary and Secondary SMS Servers. The SMS provides command options that allow you to disable or re-enable HA ports. By default all SMS devices are set to yes or enabled. See "High Availability" in the SMS CLI Reference Guide.

SMS to SMS HA

| Port | Service | From/To | Description |
|---|---|---|---|
| 22/TCP | SSH | SMS Primary ⇔ SMS Secondary | Secure remote command execution and file replication |
| 1098/TCP | RMI | SMS Primary ⇔ SMS Secondary | JAVA RMI for HA configuration and remote peer administration |
| 1099/TCP | RMI registry | SMS Primary ⇔ SMS Secondary | JAVA RMI for HA configuration and remote peer administration |
| 10042/TCP | SMS | SMS Primary ⇔ SMS Secondary | CLI command replication |
| 4444/TCP | RMI | SMS Primary ⇔ SMS Secondary | JAVA RMI for HA configuration and remote peer administration |

IPS to IPS Transparent High-Availability (TRHA)

| Port | Service | From/To | Description |
|---|---|---|---|
| 9591/TCP | SSL | IPS Primary ⇔ IPS Secondary | Transparent High-Availability (TRHA) messaging is passed via SSL; Each "HA Ping/Heartbeat" message is sent at 60 second intervals. |
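
The Required Ports and High Availability tables above can double as a least-privilege allowlist for the SMS management plane. The following is an added example, not part of the original article or any TippingPoint tooling: it audits observed flows against the port, protocol and direction given in those tables. The role names, IP addresses and flow records are constructed assumptions.

```python
import ipaddress

# Constructed role-to-address mapping (assumption; RFC 5737 documentation ranges).
ROLES = {
    "sms_server": ["192.0.2.10"],
    "sms_peer":   ["192.0.2.11"],        # secondary SMS in the HA pair
    "sms_client": ["198.51.100.0/24"],   # admin workstations running the SMS client
    "device":     ["203.0.113.0/24"],    # IPS/TPS management interfaces
}

# (source role, destination role, protocol, port) taken from the article's tables.
ALLOWED = {
    ("sms_client", "sms_server", "tcp", p) for p in (22, 9033, 10042, 943, 443)
} | {
    ("sms_server", "device", "udp", 161), ("sms_server", "device", "tcp", 443),
    ("device", "sms_server", "udp", 8162), ("device", "sms_server", "udp", 8163),
} | {
    (a, b, "tcp", p)                      # HA ports are open in both directions
    for a, b in (("sms_server", "sms_peer"), ("sms_peer", "sms_server"))
    for p in (22, 1098, 1099, 10042, 4444)
}

def role_of(ip):
    """Map an IP address to a role name, or 'unknown' if it is in no range."""
    addr = ipaddress.ip_address(ip)
    for role, nets in ROLES.items():
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return role
    return "unknown"

def audit(flows):
    """Return the flows (src, dst, proto, dport) that the allowlist does not cover."""
    findings = []
    for src, dst, proto, dport in flows:
        key = (role_of(src), role_of(dst), proto.lower(), dport)
        if key not in ALLOWED:
            findings.append((src, dst, proto, dport, f"{key[0]} -> {key[1]}"))
    return findings

# Constructed sample flow records: (source, destination, protocol, destination port).
SAMPLE_FLOWS = [
    ("198.51.100.7", "192.0.2.10", "tcp", 9033),  # SMS client connection
    ("203.0.113.5", "192.0.2.10", "udp", 8162),   # trap from a device
    ("192.0.2.11", "192.0.2.10", "tcp", 1099),    # RMI registry from the HA peer
    ("198.51.100.7", "192.0.2.10", "tcp", 1099),  # RMI from a workstation: not listed
    ("203.0.113.5", "192.0.2.10", "tcp", 22),     # SSH from a device: not listed
    ("10.9.9.9", "192.0.2.10", "tcp", 443),       # source outside every known role
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print("unexpected:", finding)
```

The same `ALLOWED` set can be extended with the Active Response and Optional Ports rows that apply to a given deployment.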
   

Optional Ports

The following table lists and describes the optional ports that you can make available.

SMS Client Port

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 10042/TCP | SMS | SMS Client | SMS Server | SMS backup/restore |

SMS Client Browser Port

SNMP Client Port

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 161/UDP | SNMP | SNMP Client | SMS Server | To query SMS SNMP MIBs |

Device Ports

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 123/UDP | NTP | IPS | SMS Server | Required only if IPS uses SMS for NTP time synchronization |
| 6343/UDP | sFlow® | IPS | sFlow® Server | Send sFlow® data from NX-platform IPS to one or more sFlow® servers |
| 10043/TCP | SMS provision | IPS | SMS Server | Remote Authentication |
| 443/TCP | URL Threat Analysis | SMS Server | DD Analyzer | Send URL data from the SMS to the Deep Discovery Analyzer |

SMS Server Ports

| Port | Service | From | To | Description |
|---|---|---|---|---|
| 389/TCP | Active Directory | SMS server | AD server | SMS AD LDAP authentication |
| 636/TCP | Active Directory | SMS server | AD server | SMS AD LDAP over SSL authentication |
| 3306/TCP | Database | SMS server | Any | External database access |
| 3306/TCP | Database | SMS server | External server | External replication |
| 53/TCP/UDP | DNS | SMS server | Name server | Name resolution |
| 135/TCP | ID correlation | SMS server | AD server | SMS AD authentication |
| 239/UDP | IP2ID | SMS server | IPS (A10) | IDsentrie |
| 111/TCP/UDP, 369/TCP/UDP, 2039/TCP/UDP | NFS | SMS server | File server | Report export, database backup |
| 123/UDP | NTP | SMS server | NTP server (time source) | Time synchronization from external NTP server |
| 1812/UDP | RADIUS | SMS server | RADIUS server | SMS user authentication |
| 49/TCP | TACACS+ | SMS server | TACACS+ server | SMS user authentication |
| 137/TCP/UDP, 138/TCP/UDP, 139/TCP/UDP, 1512/TCP/UDP | Samba | SMS server | File server | Report export, database backup |
| 25/TCP | SMTP | SMS server | Mail server | Email notifications, such as IPS events, Active Response |
| 514/UDP | Syslog | SMS server | Syslog server | SMS audit and syslog |

Category: Configure; Troubleshoot; Deploy
Solution Id: TP000085738