This article is a handy reference to of all IP ports which are being used in RES Workspace Manager, Automation Manager etc. This information is useful for architechts and other solution providers who are designing an network environment that includes RES products. The document will be updated as new ports and/or technologies are added in the future. The reference is divided up by product, although there are some overlapping port usage when it comes to the datastore, which I will cover first:
While this section strictly doesn’t apply directly to the RES products, it’s nevertheless a good idea to know what ports are being used for connectivity to the different datastores which can be used by the products. These TCP ports will be used by both RES Workspace Manager and RES Automation Manager. Chances are if you’re a DBA you probably know more than I do about this, however below is my attempt to gather some usable information on this topic:
Covers regular SQLserver, SQLexpres, and SQL Server Azure
|TCP/1433 is the well known port for SQL servers. Note that from SQLserver 2005 and up, the servers support dynamic ports by default, hence you may have to reconfigure your datatore to ensure you get the expected port|
|Oracle (9.1+)||TCP/1521 will generally be the right port for Oracle SQL*Net 2 traffic. However, Oracle uses quite a few ports it seems. I found a good overview of these ports here.|
|IBM DB2 (8.1+)||TCP/50000 should be the default port when running DB2 on Windows. Sources indicate that when running on AIX, the port number is TCP/50009. On all operatingsystems, check your etc/services file where you should have a dbadmin1 entry.|
|MYsql (5.0+)||TCP/3306 is the default port according to the MySQL 5.1 reference manual here.|
Direction: Console->Agent.This port is used by the powerfuse management console, when you go to the Setup|Agents node, rightclick an agent and select Force Cache update. Effectively this means you have to open this port on every machine that runs the RES Workspace Manager agent. The port is hardcoded, hence cannot be changed.
The reason that this port exists is that if everything else fails (i.e. in the hypothetical situation that cache updates have stopped) you need the ability to reach out directly to the agent and tell it to reload it’s configuration cache.
Update April 17th 2012. TCP/1942 is now also being used by the RES Relay Server, part of RES Workspace Manager 2012. For more information see technote RG046
|TCP/3163||LEGACY. Direction: Session->Subscriber. Before the 7.01 release of the RES Subcriber aka Workspace Extender aka VDX, a dedicated TCP port was used for all subscriber<->session communication. These days the VDX client relies on using a virtual channel within either the RDP or ICA protocol, so the TCP/3163 port is no longer required for PowerFuse. Instead it is being used for RES Wisdom. See below.|
|TCP/3163||Direction Agent->Dispatcher. This port is being used for traffic between the Wisdom Agent and the Wisdom Dispatcher. This port port was previously hardcoded, but can be changed from AM2011 and up. Go here for further info.|
|TCP/4733||This port is used for communication between the Orchestration clients and the Catalog server. Traffic is both directions.|
|TCP/8080||RES PowerFuse agents communicate with the Catalog server using this port.|
|TCP/808||Direction: VDX Agent -> License server. This is the default port for .Net TCP, which is used between the RES VDX Engine and the VDX License Server.|
|TCP/2598 (ICA with session reliability)
TCP/1494 (Oldschool ICA or ICA without Ses. Reliability)
TCP/3389 (Default TS RDP port)
|RES VDX doesn’t have it’s own tcp port, per say. Instead it uses the virtual channels of the display protocol in effect for transfering information about windows metrics and what to launch.
Here on the left are the most common known tcp ports for Citrix ICA and RDP.
Direction: Client <-> HD server. Syncronization process of the Windows HyperDrive client uses an SSL tunnel, running on port 80
Direction: Client <-> HD server. Syncronization process of the OSX HyperDrive client uses an SSL tunnel, running on port 8080
|Direction: HD Server -> SQL Database. Regular SQL traffic to the backend HyperDrive database server|
Direction: Mobile clients/Browser <-> HD server. The Mobile site and myHyperDrive use https over port 443
This port is also used for https by all mobile devices.
|TCP/389||Direction: HD Server -> Active Directory. Used for LDAP queries.|
|TCP/88+464||Direction: HD Server <-> Active Directory. Used for Kerberos authentication.|
|TCP/25||Direction: HD Server -> Mail Server. Used for SMTP/email notifications.|
*The above information is available in RES KB Q203448.