SolarWinds Port Requirements
The following reference provides a comprehensive list of port requirements for SolarWinds products. The ports vary from product to product and on a per use basis. In some cases, ports are configurable. Refer to your product Administrator Guide for more information.
If you have installed one or more SolarWinds Platform products, make sure you review ports for the SolarWinds Platform and the features you use in addition to the ports required by your product.
- SolarWinds Platform products
- Ports for SolarWinds Platform features
- Additional polling engine
- Additional web server
- SolarWinds Platform High Availability
- Network Atlas
- SolarWinds Platform Agent
- SolarWinds Platform Agent: Target computer
- SolarWinds Platform Agent: SolarWinds Platform server
- SolarWinds Platform Agent: Local ports
- Show More
SolarWinds Platform products
Ports for SolarWinds Platform features
- Additional polling engine
- Additional web server
- SolarWinds Platform High Availability
- Network Atlas
- SolarWinds Platform Agent
- SolarWinds Installer
Additional polling engine
Additional polling engines (APEs) have the same port requirements as the main polling engine. The following ports are the minimum required for an Additional polling engine to ensure the most basic functions.
| Port |
Proto- col |
Service/ Process |
Direction | Description |
|---|---|---|---|---|
| 161 | UDP | SolarWinds Job Engine | Outbound | The port used by the Additional polling engine (APE) to query for SNMP information on the device and to send it to the APE. |
| 162 | UDP | SolarWinds Trap Service | Inbound | The port used by the APE for receiving trap messages from devices. |
|
1433 |
TCP |
SolarWinds Collector Service |
Outbound | The port used for communication between the APE and the SolarWinds Platform database. |
| 1434 | UDP | SQL Browse Service | Outbound | The port used for communication with the SQL Server Browser Service (SolarWinds Platform database) and the APE to determine how to communicate with certain non-standard SQL Server installations. Required only if your SQL Server is configured to use dynamic ports. |
|
5671 |
TCP |
RabbitMQ | Outbound |
The port used for SSL-encrypted RabbitMQ messaging from the Additional polling engine to the main polling engine. |
|
17777 |
TCP |
SolarWinds Information Service |
Bidirectional |
The port used for communication between the Additional polling engine and the main polling engine. |
Additional web server
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
|
80 |
TCP |
World Wide Web Publishing Service | Inbound |
Default Additional polling engine port. Open the port to enable communication from your computers to the SolarWinds Platform Web Console. If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is |
| 443 | TCP | IIS | Inbound | The default port for https binding. |
|
1433 |
TCP |
SolarWinds Information Service | Outbound |
The port used for communication between the SolarWinds Platform server and the SQL Server. Open the port from your SolarWinds Platform Web Console to the SQL Server. |
| 5671 | TCP | RabbitMQ | Outbound |
The port used for SSL-encrypted RabbitMQ messaging from the Additional web server to the main polling engine. |
|
17777 |
TCP |
SolarWinds Information Service | Outbound |
SolarWinds Platform module traffic. Open the port to enable communication from all polling engines (both main or additional) to the Additional web server, and from the Additional web server to polling engines. |
SolarWinds Platform High Availability
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 53 | UDP | SolarWinds High Availability Service | outbound | Used when failing over with a virtual hostname to update the virtual hostname's DNS entry and for periodic monitoring. |
| 135 | TCP | SolarWinds High Availability Service | bidirectional | Used to remotely manage services including DHCP server or DNS server. |
| 4369 | TCP | RabbitMQ | bidirectional | TCP ports 4369 and 25672 must be open between the main and secondary servers to allow RabbitMQ clustering between the two servers. These ports exchange EPMD and Erlang distribution protocol messages for RabbbitMQ. They do not need to be open in additional polling engine pools. |
| 5671 | TCP |
SolarWinds High Availability |
bidirectional | Port 5671 must be open into the HA pool with the main SolarWinds Platform server from all SolarWinds Platform servers. |
| 17777 | TCP | SolarWinds Installer | bidirectional | Used when installing the standby server software. |
| 25672 | TCP | RabbitMQ | bidirectional | TCP ports 4369 and 25672 must be open between the main and secondary servers to allow RabbitMQ clustering between the two servers. These ports exchange EPMD and Erlang distribution protocol messages for RabbbitMQ. They do not need to be open in additional polling engine pools. |
Network Atlas
| Port |
Protocol |
Service/Process | Direction |
Description |
|---|---|---|---|---|
| 17777 | TCP | SolarWinds Information Service | Bidirectional | Remote instances of Network Atlas require TCP on port 17777 to either the SolarWinds NPM or the SolarWinds EOC server. |
SolarWinds Platform Agent
SolarWinds Platform Agent: Target computer
| Port | Protocol | Service/ Process |
Direction | Description | Communication method |
OS |
|---|---|---|---|---|---|---|
| 22 | TCP |
sshd Agent installer |
Inbound |
Used to install the agent on Linux/Unix computers through SSH and SFTP or SCP. |
Either | Linux/Unix |
|
135 |
TCP |
Agent installer |
Inbound |
(DCE/RPC Locator service) Microsoft EPMAP. This port must be open on the target computer for remote deployment. WMI is only needed for deploying the agent to a Windows server with the Add Node or Add Agent wizard. If you do not want to open WMI ports required for software deployment, you can use another deployment method for the Agent. WMI also uses any random TCP port greater than 1024. See WMI portocalypse on THWACK. |
Either | Windows |
|
445 |
TCP | Agent installer |
Inbound |
Microsoft-DS SMB file sharing. This port must be open on the target computer (inbound) for remote deployment. |
Either | Windows |
| 17778 |
TCP |
SolarWinds Agent |
Outbound |
Used continuously by the agent to communicate back to theSolarWinds Platform server. Also used to deploy the agent. | Agent-initiated |
All |
|
17790 |
TCP |
SolarWinds Agent |
Inbound |
Used to communicate with the SolarWinds Platform server. | Server-initiated | All |
| Dynamic | UDP | SolarWinds.ServiceHost.Process.exe | Outbound | SolarWinds Cortex utilizes two dynamic UDP listening ports from dynamic range (assigned by OS) for SNMP polling. One port is for IPv4 and the second one is for IPv6 (if enabled). | Either | Windows |
SolarWinds Platform Agent: SolarWinds Platform server
| Port | Protocol | Service/ Process |
Direction | Description | Communication method |
OS |
|---|---|---|---|---|---|---|
| 22 | TCP | n/a |
Outbound |
Used to install the agent on Linux/Unix computers through SSH and SFTP or SCP. |
Either | Linux/Unix |
| 17778 |
TCP |
Orion Module Engine SolarWinds Agent |
Inbound |
Used continuously by the agent to communicate back to the SolarWinds Platform server. Also used to deploy the agent. | Agent-initiated |
All |
|
17790 |
TCP |
Orion Module Engine SolarWinds Agent |
Outbound |
Used to communicate with the SolarWinds Platform server. | Server-initiated | All |
SolarWinds Platform Agent: Local ports
The following ports are required for local communication inside the server or agent. Do not open them in the firewall; they are used only by local services.
Windows
| Port | Protocol | Direction | Description |
|---|---|---|---|
| 17775 | TCP | Inbound (on agents) | RestAPI forwarder for Cortex |
| 17798 | TCP | Inbound (on servers) | Cortex Diagnostics API |
| Dynamic (49152 - 65535) | TCP | Inbound (on agents) | A port from the range 49152 to 65535 is used for communication between the JobEngine and its workers. |
Linux/AIX
| Port | Protocol | Direction | Description |
|---|---|---|---|
| Dynamic | UDP | Inbound (on agents) |
Python scripts in the Agent installation directory use a port from the dynamic range for SNMP-based polling. |
SolarWinds Installer
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
|
80 |
HTTP |
Installer (SolarWinds Administration Service) | Outbound | Used when installation data is transferred from the main polling engine to Additional polling engine (depending on the SolarWinds Platform configuration). |
| 443 | HTTPS | Installer (SolarWinds Administration Service) |
Inbound (online installer) Outbound (when data are downloaded from the main polling engine to Additional polling engines) |
Used by the online installer when data is downloaded from the Internet. It can also be used when installation data is transferred from the main polling engine to Additional polling engines. |
| 17777 | WCF |
SolarWinds Administration Service |
Bidirectional |
Used for the communication between polling engines, also used as a fallback option when HTTP/HTTPS fails to download data to Additional polling engine. |
Database Performance Analyzer Integration Module (DPAIM)
In addition to the port requirements necessary for DPA and any other SolarWinds Platform products, integration requires the following ports.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
DPA server
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
|
443 (cloud) or |
TLS |
Windows: Ignite PI Service Linux: Java/Tomcat |
Bidirectional |
This is the default port number of your DPA website and jSWIS proxy. This port must be open to receive data from the SolarWinds Platform server. |
SolarWinds Platform server
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 17776 | TCP | SolarWinds Information Service |
Bidirectional |
This port must be open to access the SolarWinds Information Service (SWIS) API (notifications). |
| 17777 | TCP |
SolarWinds Information Service SolarWinds Platform Module Engine |
Bidirectional |
This port must be open for all SolarWinds Platform product traffic. |
| 17774 or 17778 | TCP | SolarWinds Information Service |
Bidirectional |
This port must be open to access the SolarWinds Information Service (SWIS) API. DPAIM uses this port to receive information from DPA, and must use the same port that DPA uses to send the information. For information about which port to use, see this article. |
In addition to the port requirements necessary for Database Performance Analyzer and any other SolarWinds Platform products, integration requires the following ports:
Engineer's Toolset (ETS)
Engineer's Toolset on the Desktop
Review and open ports for Engineer's Toolset for Desktop to support communication for various tools in the set.
| Port | Protocol | Service/ Process |
Direction | Description |
|---|---|---|---|---|
| 7 | TCP | WAN Killer |
Inbound / Outbound |
Use port 7 to generate traffic going both ways. When data is sent to port 7 (echo), all traffic that is received by the target device will be sent back to WAN Killer. This will generate a load in both directions. |
| 9 | TCP |
WAN Killer |
Outbound | Use port 9 (discard) to generate one-way traffic. Port 9 discards all data when received. |
| 25 | TCP |
Sending emails |
Outbound | |
| 69 | UDP |
TFTP Server |
||
| 514 | UDP | Syslog Server | Inbound | Allows you to listen for incoming Syslog messages. |
|
2055 |
Netflow Realtime | Inbound | ||
| 17779 | HTTP | SolarWinds Toolset Integration | Inbound to the SolarWinds Platform server | SolarWinds Toolset Integration over HTTP. |
|
17780 |
HTTPS | SolarWinds Toolset Integration | Inbound to the SolarWinds Platform server | SolarWinds Toolset Integration over HTTPS. |
Engineer's Toolset on the Web
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
Review and open the needed ports for the SolarWinds Platform and Engineer's Toolset for the Web.
Ports used by the SolarWinds Platform server, all SolarWinds Platform products
| Port | Protocol | Service/ Process |
Direction | Description |
|---|---|---|---|---|
| 22 | TCP | sshd |
Outbound |
Used to install an agent on Linux computers through SSH and SFTP or SCP. |
| 17774 | TCP |
SolarWinds REST Endpoint |
Inbound | Required for access to the SWIS API. |
| 17778 | TCP |
SolarWinds Agent |
Inbound | Required for agent communication. |
| 17790 | TCP |
SolarWinds Platform Module Engine SolarWinds Agent |
Outbound | Used to communicate with the SolarWinds Platform server. |
| 17791 | TCP |
SolarWinds Platform Module Engine SolarWinds Agent |
Inbound | Used continuously by agents to communicate back to the SolarWinds Platform server. Also used to deploy an agent. |
Additional port used by the SolarWinds Platform server, Engineer's Toolset for the Web
| Port | Protocol | Service/ Process |
Direction | Description |
|---|---|---|---|---|
| 443 | TCP | ssh |
Outbound |
Used for a secured SSH connection during tool use. |
Enterprise Operations Console (EOC)
The following ports must be opened on your firewall for EOC to connect remotely. For a full list of SolarWinds Platform required ports, see SolarWinds Port requirements.
Optional, individual components, such as SolarWinds Platform Agents and High Availability, have additional port requirements.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol | Service or process | Direction | Description | Encryption |
|---|---|---|---|---|---|
| 80 | TCP |
World Wide Web Publishing Service |
Inbound |
HTTP default for the SolarWinds Platform Web Console website If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is |
No |
| 443 | TCP |
IIS |
Inbound | Access through VPN port (HTTPS) | SSL/TLS 1.2 |
| 17777 | TCP | SolarWinds Information Service | Bidirectional |
Used for the SolarWinds Information Service (SWIS) protocol and for product installation. |
RSA handshake, AES 256 communication using WCF TLS 1.2 with Cortex Certificate (SHA-512) |
IP Address Manager (IPAM)
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| PORT | PROTOCOL | DIRECTION | DESCRIPTION | ENCRYPTION |
|---|---|---|---|---|
| 22 | TCP | bidirectional | SSH (secure shell) | |
| 23 | TCP | bidirectional | Telnet (non-secure) | |
| 53 | TCP |
|
Used for zone transfers, DNS record polling |
|
| 135 | TCP | bidirectional | WMI (Windows) | |
| 161 | UDP | bidirectional | Statistics collection | |
| 443 | TCP | bidirectional | Infoblox (web API) | |
| 445 | TCP | bidirectional | WMI (Windows) | |
|
dynamic, random, greater than 1024 |
TCP | bidirectional | (DCE/Microsoft RPC Locator service) Microsoft EPMAP, only if you monitor nodes via WMI. This port is used by the SolarWinds Job Engine v2 service to communicate with Windows nodes. See WMI portocalypse on THWACK. | |
| 17777 | TCP | bidirectional |
SolarWinds module traffic. Open the port to enable communication from your poller to the SolarWinds Web Console, and from the SolarWinds Web Console to your poller. High Availability Service. Used for communication between the main server and pool members. Job Engine V2, Collector Service, Business Layer, and Information Service v2,23. Used for communication between the services. The port used for communication between the SolarWinds Web Console and the poller. |
RSA handshake, AES 256 communication using WCF |
| 17778 | TCP |
Required to access the SolarWinds Information Service API and agent communication SolarWinds Information Service API |
SSL |
Log Analyzer
- Ports 4369, 25672, and 5672 are opened by default on the main server for RabbitMQ messaging. These ports can be blocked by the firewall. When running SolarWinds High Availability, ensure ports 4369 and 25672 are open.
- RPC ports > 1024 (TCP, bidirectional) is used by the Job Engine v2 process to communicate with Windows nodes.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol |
Service/ Process |
Direction | Description | Encryption |
|---|---|---|---|---|---|
| user-defined, default: 22 | SSH |
SolarWinds Job Engine v2 IIS |
Outbound from the SolarWinds Platform server to the device | Port for accessing ASA devices through CLI | Device-based |
|
25 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port for non-encrypted messages |
n/a |
| 53 | UDP | SolarWinds Job Engine v2 | Bi- directional |
Resolving DNS queries | n/a |
|
80 |
TCP |
IIS | Inbound |
HTTP default for the SolarWinds Platform Web Console website. If you specify any port other than 80, you must include that port in the URL used to access the web console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is The port might also be used for Cisco UCS monitoring. |
n/a |
| 135 | TCP | Microsoft EPMAP (DCE/RPC Locator service) | Bi- directional |
Required for devices polled via WMI. Used to initiate communication with the remotely managed host. | |
|
161 |
UDP |
SolarWinds Job Engine v2 SolarWinds Cortex |
Bi- |
Send and receive SNMP |
SNMP v1 and v2 are unencrypted. SNMP v3 uses AES and 3DES encryption. |
|
162 |
UDP |
SolarWinds Trap Service SNMP Informs |
Inbound |
Receive trap messages |
SNMP v1 and v2 are unencrypted. SNMP v3 uses:
|
|
443 |
TCP |
IIS | Inbound |
Default port for https binding. |
SSL |
|
465 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions |
SSL |
|
514 |
UDP |
SolarWinds Syslog Service | Inbound |
Receive syslog messages |
n/a |
|
587 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions |
TLS |
|
1433 |
TCP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine |
Outbound |
Communication between the SolarWinds Platform server and the SQL Server. |
n/a |
|
1434 |
UDP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine SQL Server Browse Service |
Outbound |
Communication with the SQL Server Browser Service to determine how to communicate with certain non-standard SQL Server installations. Required only if your SQL Server is configured to use dynamic ports. |
n/a |
| 1468 | TCP | SolarWinds Syslog Service | Inbound | Receive syslog messages | n/a |
|
5671 |
TCP |
RabbitMQ |
Bi- directional |
For encrypted RabbitMQ messaging (AMQP/TLS) into the main polling engine from every SolarWinds Platform server (additional polling engines, HA servers, or additional web servers). Sending messages to RabbitMQ. |
TLS 1.2 |
| 6514 | TCP | SolarWinds Syslog Service | Inbound | Receive syslog messages | TLS |
|
17777 |
TCP |
SolarWinds Platform Module Engine SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Cortex |
Bi- directional |
Communication between services and SolarWinds Platform module traffic. Communication between the SolarWinds Platform Web Console and the polling engines. Communication between the main server and pool members. |
RSA handshake, AES 256 communication using WCF TLS 1.2 with Cortex |
|
17778 |
HTTPS |
SolarWinds Agent | Inbound to the SolarWinds Platform server |
Required for access to the SWIS API and agent communication |
SSL |
See SolarWinds Port requirements for a comprehensive list of port requirements for SolarWinds products.
Optional, individual components, such as SolarWinds agents and High Availability, have additional port requirements.
NetFlow Traffic Analyzer (NTA)
The following table lists ports that SolarWinds NetFlow Traffic Analyzer uses to communicate with other devices and servers.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 53 | UDP | SolarWinds Job Engine V2 | Outbound | Port used to resolve DNS queries. |
| 80 | TCP | IIS | Inbound |
HTTP default for the SolarWinds Platform Web Console website. If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is The port might also be used for Cisco UCS monitoring. |
| 137 | UDP | NetBIOS | Outbound |
Port for outbound traffic if NetBIOS name resolution is turned on. When NTA is trying to resolve the NetBIOS names of servers in their conversations, you may find a large amount of outbound UDP 137 traffic from the NTA collector to a number of external addresses. You can confirm the traffic by using the Flow Navigator to match the outbound connections to existing conversations. This is normal behavior when NetBIOS is enabled. An easy way to demonstrate the behavior is to disable NetBIOS in NTA and watch all outbound connections terminate. |
| 161 |
UDP TCP |
SolarWinds Job Engine v2 | Outbound | The default port used for sending and receiving SNMP information, including polling CBQoS-enabled devices. |
| 443 | TCP | IIS | Inbound | Default port for HTTPS binding. |
| 1433 | TCP |
SolarWinds NetFlow Service |
Outbound | Port used for communication between the NetFlow Service and the existing SQL server. |
|
1434 |
UDP |
SolarWinds NetFlow Service SQL Browse Service |
Outbound | The port used for communication between the NetFlow Service and the SolarWinds Platform database. This port is required only if your SQL Server is configured to use dynamic ports. |
| 2055 | UDP | SolarWinds NetFlow Service | Inbound | The default port for receiving flows on any SolarWinds NTA collector. |
| 5671 | TCP | RabbitMQ | Bidirectional | Port used for RabbitMQ messaging. |
| 17777 | TCP | SolarWinds Information Service | Bidirectional |
Port used for communication between SolarWinds Observability Self-Hosted services. |
Network Configuration Manager (NCM)
The following ports might be needed for the SolarWinds Web Console, depending on how NCM is set up to download and upload configurations.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 22 | SSH/SCP |
SCP server |
Bidirectional |
SSH/SCP default port for NCM to transfer configs |
| 23 | Telnet |
NCM Business Layer Plugin, NCM Jobs (collector) |
Outbound | Telnet default port for NCM to transfer configs |
| 25 | TCP | SolarWinds Alerting Service V2 | Outbound | SMTP email default that NCM uses for notification (If SSL/TLS encryption is set up on SMTP server, default port is 465) |
| 69 | UDP | TFTP Server | Inbound | TFTP server listens on this port |
| 80 | TCP | IIS | Inbound | HTTP default for the SolarWinds Web Console |
| 137 | UDP | File and Printer Sharing (NB-Name-In) | Bidirectional | Used to transfer firmware updates and configuration files remotely |
| 138 | UDP | File and Printer Sharing (NB-Datagram-In) | Bidirectional | Used to transfer firmware updates and configuration files remotely |
| 139 | TCP | File and Printer Sharing (NB-Session-In) | Bidirectional | Used to transfer firmware updates and configuration files remotely |
| 161 | UDP | SolarWinds Job Engine v2 | Outbound | SNMP statistics collection, the default for polling in NCM |
| 162 | UDP | SolarWinds Trap Service | Inbound | Trap messages listened for and received by the Trap Server |
| 443 | TCP | IIS | Inbound | Default port for HTTPS binding |
| 445 | TCP | File and Printer Sharing (SMB-In) | Bidirectional | Used to transfer firmware updates and configuration files remotely |
| 465 | TCP | SolarWinds Alerting Service V2 | Outbound | The port used for SSL/TLS-enabled email alert actions |
| 514 | UDP | SolarWinds Syslog Service | Inbound | Used to listen for incoming syslog messages |
| 587 | TCP | SolarWinds Alerting Service V2 | Outbound | The port used for TLS-enabled email alert actions |
| 5671 | TCP | RabbitMQ | Bidirectional | For encrypted RabbitMQ messaging (AMQP/TLS) into the main polling engine from all SolarWinds Platform servers |
| 17774 | HTTPS/TCP | SolarWinds REST Endpoint | Inbound to the SolarWinds Platform server | Used for access to the SWIS API. |
| 17777 | TCP |
SolarWinds Platform Module Engine SolarWinds Information Service SolarWinds Information Service V3 |
Bidirectional | SolarWinds Platform module traffic. Open the port to enable communication from your poller to the SolarWinds Platform Web Console, and from the SolarWinds Platform Web Console to your poller. The port used for communication between the SolarWinds Platform Web Console and the poller. |
| 17778 | HTTPS | SolarWinds Agent | Inbound to the SolarWinds Platform server | Required for agent communication |
| 17779 | HTTP | SolarWinds Toolset | Inbound to the SolarWinds Platform server | SolarWinds Toolset Integration over HTTP |
Ports 4369, 5672, and 25672 are opened by default. These ports can be blocked by the firewall.
Network Performance Monitor (NPM)
NPM ports
- Ports 4369, 25672, and 5671 are opened by default on the main server for RabbitMQ messaging. These ports can be blocked by the firewall. When running SolarWinds High Availability, ensure ports 4369 and 25672 are open.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol | Service/Process | Direction | Description | Encryption |
|---|---|---|---|---|---|
| user-defined, default: 22 | SSH |
SolarWinds Job Engine v2 IIS |
Outbound from the SolarWinds Platform server to the device | Port for accessing ASA devices through CLI | Device-based |
|
25 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port for non-encrypted messages |
n/a |
| 53 | UDP | SolarWinds Job Engine v2 | Bi- directional |
Resolving DNS queries | n/a |
|
80 |
TCP |
IIS | Inbound |
HTTP default for the SolarWinds Platform Web Console website. If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is The port might also be used for Cisco UCS monitoring. |
Non |
| 135 | TCP | Microsoft EPMAP (DCE/Microsoft RPC Locator service) | Bi- directional |
Required for devices polled via WMI. Used to initiate communication with the remotely managed host. | |
|
161 |
UDP |
SolarWinds Job Engine v2 SolarWinds Cortex |
Bi- |
Send and receive SNMP |
SNMP v1 and v2 are unencrypted. SNMP v3 uses AES and 3DES encryption. |
|
162 |
UDP |
SolarWinds Trap Service SNMP Informs |
Inbound |
Receive trap messages |
n/a |
|
443 |
TCP |
IIS | Inbound |
Default port for https binding. |
SSL |
|
465 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions |
SSL |
|
514 |
UDP |
SolarWinds Syslog Service | Inbound |
Receive syslog messages |
n/a |
|
587 |
TCP |
SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions |
TLS |
| dynamic, random, greater than 1024 | TCP | SolarWinds Job Engine v2 | Bi- directional |
(DCE/Microsoft RPC Locator service) Microsoft EPMAP, only if you monitor nodes via WMI. This port is used by the SolarWinds Job Engine v2 service to communicate with Windows nodes. See WMI portocalypse on THWACK. | |
|
1433 |
TCP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Orion Module Engine |
Outbound |
Communication between the SolarWinds Platform server and the SQL Server. |
n/a |
|
1434 |
UDP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Orion Module Engine SQL Server Browse Service |
Outbound |
Communication with the SQL Server Browser Service to determine how to communicate with certain non-standard SQL Server installations. Required only if your SQL Server is configured to use dynamic ports. |
n/a |
|
5671 |
TCP |
RabbitMQ |
Bi- directional |
For encrypted RabbitMQ messaging (AMQP/TLS) into the main polling engine from all SolarWinds Platform servers (additional polling engines, HA servers, or additional web servers). Sending messages to RabbitMQ. |
TLS 1.2 |
| 17732 |
HTTPS/TCP |
SolarWinds Certificate Management Service | Bi- directional |
The port used for secure communication between the certificate management clients and certificate management service. | SSL/TLS |
|
17774 |
HTTPS/TCP |
SolarWinds REST Endpoint | Inbound to the SolarWinds Platform server |
Required for access to the SWIS API. |
SSL |
|
17777 |
TCP |
SolarWinds Orion Module Engine SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Cortex |
Bi- directional |
Communication between services and SolarWinds Orion module traffic. Communication between the SolarWinds Platform Web Console and the polling engines. Communication between the main server and pool members. |
RSA handshake, AES 256 communication using WCF TLS 1.2 with Cortex |
|
17778 |
HTTPS |
SolarWinds Agent | Inbound to the SolarWinds Platform server |
Required for agent communication. |
SSL |
NetPath™ ports
You may also need to open the following ports:
- NPM ports for communication between polling engines.
- Agent ports when deploying probes on remote machines using agents.
| Port | Protocol | Service or Process | Direction | Source | Destination | Description |
|---|---|---|---|---|---|---|
| User configured | TCP | SolarWinds Agent or JobEngineWorker | Outgoing | NetPath™ probe | Endpoint service | Any ports of the monitored services that are assigned to the probe. Used by the NetPath™ probe to discover service status. |
43 443 | TCP | SolarWinds.BusinessLayerHost (Main server only) | Outgoing | Main polling engine | BGP data providers and announcements, such as:
| Used by NetPath™ to query BGP information about the discovered IP addresses. |
Other firewall settings for NetPath
| Setting | Protocol | Service or Process | Direction | Source | Destination | Description |
|---|---|---|---|---|---|---|
Allow ICMP type 11 (ICMP Time Exceeded) | ICMP | SolarWinds Agent or JobEngineWorker | Incoming | Networking devices along your path | NetPath™ probe | Used by the NetPath™ probe to discover network paths. |
Patch Manager
The following tables list the port requirements for the SolarWinds Patch Manager server and the Application Server.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
Patch Manager server
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 135 | TCP | RPC Endpoint Mapper | Outbound | Establishes WMI connections to remote computers. The server also uses this port to connect to the Service Control Manager (SCM) when it provisions the WMI providers dynamically on the remote computer. |
| 389 | TCP | LDAP | Outbound | Provides the Active Directory authentications. |
| 445 | TCP | SMB over TCP | Outbound | Provisions the WMI providers to a remote computer. |
| 4092 | TCP | Console to server communication | Bidirectional |
Provides communications between:
|
| 54092 | HTTP | Server to service communication | Inbound | Provides unencrypted communications from the SolarWinds Platform Web Module to the Patch Manager Service |
| 54093 | HTTPS | Server to service communication | Inbound | Provides encrypted communications from the SolarWinds Platform Web Module to the Patch Manager Service |
Patch Manager client machines
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 135 | TCP | RPC Endpoint Mapper | Inbound | Provides an SCM connection from the Patch Manager server. |
| 445 | TCP | SMB over TCP | Inbound | Receives the WMI providers from the Patch Manager server. |
Patch Manager clients with agents installed
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 4092 | TCP | Console to Server Communications | Bidirectional | Provides a connection from the Patch Manager to the agent. |
WSUS servers
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 135 | TCP | RPC Endpoint Mapper |
Inbound | Retrieves additional data about WSUS. |
|
443 8530/8531 |
TCP | WSUS web service | Inbound |
Connects to the Microsoft Internet Information Service (IIS). The port assignment varies based on your IIS configuration. Ports 443 and 8531 are secure ports. |
Server & Application Monitor (SAM)
SAM ports
Review and open ports on the SolarWinds Platform server to support communication between the Main Polling Engine, Additional Polling Engines (APEs), and Additional Web Servers.
- Some SAM component monitors and templates have additional port requirements. See Port requirements for component monitors and the SAM Application Monitor Template Reference.
- Ports 4369, 25672, and 5672 are open by default on the SolarWinds Platform server for RabbitMQ messaging, but may be blocked by a firewall. If running High Availability (HA), ensure ports 4369 and 25672 are open.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port # | Protocol | Service/Process | Direction | Description | Encryption |
|---|---|---|---|---|---|
| User-defined, default: 22 | SSH |
SolarWinds Job Engine v2 IIS |
Outbound from the SolarWinds Platform server to devices |
Access Cisco ASA devices through the CLI. Used by Nutanix hardware health monitoring. |
Device-based |
| 25 | TCP | SolarWinds Alerting Service V2 | Outbound | SMTP port for non-encrypted messages. | |
| 53 | UDP | SolarWinds Job Engine v2 | Bidirectional | Used to resolve DNS queries. | |
| 80 | TCP | IIS | Inbound |
The default Additional Web Server port for the Web Console. To specify a different port, append it to the Web Console URL (for example, Collect Cisco UCS data. |
|
| 135 | TCP | Microsoft EPMAP (DCE/RPC Locator service) | Bidirectional |
Required to poll devices via WMI. Used to initiate communication with the remotely managed host. Collect Asset Inventory data. |
|
| 161 | UDP |
SolarWinds Job Engine v2 service |
Bidirectional |
Send and receive SNMP information. Collect Asset Inventory data. |
SNMPv1 and v2c are unencrypted. SNMPv3 uses AES and 3DES encryption. |
| 162 | UDP |
SolarWinds Trap service SNMP Informs |
Bidirectional | Send and receive trap messages. | |
| 443 | TCP | IIS | Bidirectional |
Default port for HTTPS binding. Also used for bidirectional ESX/ESXi server polling and Cisco UCS monitoring. |
SSL |
| 445 | TCP | File and Printer Sharing (SMB-In) | Bidirectional |
Used by Asset Inventory to poll machines with VBScript if Windows updates cannot be processed remotely. |
|
| 465 | TCP | SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions. |
SSL |
| 514 | UDP | SolarWinds Syslog Service | Inbound | Receive syslog messages. | |
| 587 | TCP | SolarWinds Alerting Service V2 | Outbound | SMTP port used to send TLS-enabled email alert actions. | |
| dynamic, random, greater than 1024 | TCP | SolarWinds Job Engine v2 | Bidirectional | (DCE/Microsoft RPC Locator service) Microsoft EPMAP, only if you monitor nodes via WMI. This port is used by the SolarWinds Job Engine v2 service to communicate with Windows nodes. See WMI portocalypse on THWACK. | |
| 1433 | TCP |
SolarWinds Administration Service SolarWinds Alerting Service V2 SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine |
Outbound |
Communication between the SolarWinds Platform server and the SolarWinds Platform SQL database server. |
|
| 1434 | UDP |
SolarWinds Administration Service SolarWinds Alerting Service V2 SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine SQL Server Browse Service |
Bidirectional |
Communication with SQL Server Browser Service to determine how to communicate with non-standard SQL Server installations. Required only if the SolarWinds Platform database server is configured to use dynamic ports. Also used to during SQL Instance detection. |
|
| 5671 | TCP |
RabbitMQ |
Bidirectional |
For encrypted RabbitMQ messaging (AMQP/TLS) between the Main Polling Engine and Additional Polling Engines, High Availability servers, or Additional Web Servers. |
TLS 1.2 |
| 5986 | TCP | WinRM (HTTPS) | Inbound | WS-Management implementation, used by default for WMI and PowerShell remoting with TLS used for negotiation and encryption. | TLS |
| 5985 | TCP | WinRM (HTTP) | Inbound | WS-Management implementation, used by default for WMI and PowerShell remoting | OS-dependent |
| 17777 | TCP |
SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine SolarWinds Cortex |
Bidirectional |
Communication between services and SolarWinds Platform module traffic. Communication between the Web Console, the Main Polling Engine, and all scalability engines. Communication between the main server and pool members. |
RSA handshake, AES 256 communication using WCF TLS 1.2 with SolarWinds Cortex |
| 17778 | HTTPS and TCP |
SolarWinds Agent |
Inbound to the SolarWinds Platform server |
Communication between the SolarWinds Platform server, the SolarWinds Information Service (SWIS) API, and agents. |
SSL |
| 38008 | TCP/IP | SolarWinds Credentials service (SolarWinds.Credentials) | Inbound | Supports the Manage Credentials page, and features that use those credentials, such as API pollers. | HTTPS |
| 38010 | TCP/IP | SolarWinds API Poller service (Orion.ApiPoller) | Inbound | Supports the API Poller feature. | HTTPS |
| 38012 | TCP/IP | Container Monitoring | Bidirectional | Communication between the SolarWinds Platform Business Layer and container environments |
Container monitoring
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 38012 | HTTPS | Bidirectional | Communication between the Orion Business Layer and container environments |
Additional port requirements for container services include:
- For Docker and Docker Swarm:
- 80: Used to download the configuration file from the SolarWinds Platform server
- 4043: Container port (internal Docker communication)
- 6784: Report status (internal Docker communication)
- For Kubernetes (K8s) and Microsoft Azure Kubernetes (AKS):
- 4043: Target port/Container port (internal Docker communication)
- 10250: Listening port for Kubelet agent
- 30043: Node port (internal Docker communication)
- For Apache Mesos:
- 4043: Mesos master server port (internal Mesos communication)
- 8080: Deployment service (internal Mesos communication)
Nutanix
| Port | Protocol | Service/Process | Direction | Description | Encryption |
|---|---|---|---|---|---|
| 22 | SSH | SolarWinds Job Engine v2 | Outbound |
The port used for Nutanix hardware health monitoring. |
|
| 9440 | HTTPS and TCP | SolarWinds Cortex | Bidirectional | Communication between polling engines and the Nutanix AOS API. | TLS 1.2 |
Server Configuration Monitor (SCM)
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port | Protocol | Service/ Process |
Direction | Description |
|---|---|---|---|---|
| 22 | SSH | SolarWinds Job Engine v2 IIS | Bidirectional | Access ASA devices through CLI |
| 25 | TCP | SolarWinds Alerting Service V2 | Outbound | Default port for SMTP email notifications. If SSL/TLS encryption is enabled on the SMTP server, use port 465. |
| 53 | UDP | SolarWinds Job Engine V2 | Bidirectional | Resolving DNS queries |
| 80 | TCP | IIS | Inbound | HTTP default for the SolarWinds Platform Web Console website.
If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is http://192.168.0.3:8080. |
| 161 | UDP | SolarWinds Job Engine V2 | Outbound | SNMP statistics collection, the default for polling |
| 443 | TCP | IIS | Inbound | Default port for HTTPS binding |
| 445 | TCP | File and Printer Sharing (SMB-In) | Bidirectional | Used to store firmware updates and configuration files remotely |
| 465 | TCP | SolarWinds Alerting Service V2 | Outbound | Default port for SSL-enabled email alert actions |
| 587 | TCP | SolarWinds Alerting Service V2 | Outbound | Default port for TLS-enabled email alert actions |
| 1434 | UDP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine SQL Server Browse Service |
Outbound | Communication with the SQL Server Browser Service to determine how to communicate with certain non-standard SQL Server installations. Required only if your SQL server is configured to use dynamic ports. |
| 5671 | TCP | RabbitMQ | Bidirectional | For RabbitMQ messaging (AMQP/TLS) between the main polling engine and all Additional Polling Engines, High Availability servers, or Additional Web Servers. |
| 5985 | TCP | WinRM (HTTP) | Outbound | WS-Management implementation, used by PowerShell remoting |
| 5986 | TCP | WinRM (HTTPS) | Outbound | WS-Management implementation, used by PowerShell remoting with TLS for negotiation and encryption. |
| 17777 | TCP |
SolarWinds Platform Module Engine SolarWinds Information Service SolarWinds Information Service V3 |
Bidirectional | SolarWinds Platform module traffic. The port used for communication between the SolarWinds Platform Web Console and the poller. |
| 17778 | HTTPS | SolarWinds Platform Agent | Inbound to the SolarWinds Platform server | Required for access to the SWIS API and agent communication |
Ports 4369, 5672, and 25672 are opened by default. These ports can be blocked by the firewall.
Storage Resource Monitor (SRM)
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
The following table shows the ports used by SRM:
| Port | Type | Direction | Description |
|---|---|---|---|
|
25 |
TCP |
Outbound |
SSL/TLS for email alert actions should be enabled. |
| 80 | TCP | Inbound |
Default web port. If you specify any port other than 80, you must include that port in the URL used to access the SolarWinds Platform Web Console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the SolarWinds Platform Web Console is https://192.168.0.3:8080. Open the port to enable communication from your computers to the SolarWinds Platform Web Console. Used on the NetApp head/cluster node and any available CIFS/NFS. Used by EMC VNX/Clariion for file side performance. |
| 162 | UDP | Inbound | SolarWinds Trap Service |
|
443 |
TCP |
Inbound |
Default for HTTPS binding |
|
1433 |
TCP |
Outbound |
Used for communication between the SRM and the SQL Server. |
|
1434 |
UDP |
Outbound |
Used for communication with the SQL Server Browser Service to determine how to communicate with certain non-standard SQL Server installations. |
|
17777 |
TCP |
Bidirectional |
SolarWinds Platform module traffic. Open the port to enable communication from your poller to the SRM Web Console, and from the SRM Web Console to your poller. |
|
17778 |
TCP |
Bidirectional |
(HTTPS) Required for access to the SWIS API. |
|
17779 |
TCP |
Inbound |
(HTTP/HTTPS) SolarWinds Platform Toolset integration. |
SolarWinds Platform products no longer use port 1801 for MSMQ.
The following condensed table shows the ports used by SRM for collecting data from the storage arrays:
| Port | Type | Storage array | Direction | Description |
|---|---|---|---|---|
| 80 | TCP |
NetApp Filer (Direct Polling) NetApp DFM clustered mode EMC VNX XML API EMC Unity EMC XtremIO |
Outbound |
Alternate ONTAP API port for NetApp connections. Alternate connection to NetApp On command for clustered mode management server. Used by EMC VNX/Clariion for file side performance. |
| 161 | UDP |
All Storage Arrays monitored via SNMP Dell EqualLogic PS Series. Dell PowerScale/EMC Isilon EMC Data Domain |
Outbound | SNMP connections to the storage array. |
| 443 | TCP | Dell PowerStore T | Outbound | |
| 443 | TCP |
NetApp ONTAP API NetApp DFM clustered mode EMC VNX XML API EMC Unity EMC XtremIO InfiniDat InfiniBox Kaminario K2 |
Outbound |
Secure ONTAP API port for NetApp connections. Secure connection to NetApp On command for clustered mode management server. (HTTPS) Used on the NetApp head/cluster node and any available CIFS/NFS. Used by EMC VNX/Clariion for file side performance. |
| 5392 | TCP | HPE Nimble | Outbound | |
| 5988 | TCP |
All Storage Arrays monitored via SMI-S Dell Compellent Dell PowerVault MD 3xxx Dot Hill AssuredSAN 4xxx/5xxx EMC Symmetrix VMAX / VMAXe / DMX-4 EMC VMAX3 and VMAX All Flash Family (HYPERMAX OS) EMC VNX / CLARiiON EMC VNX NAS Gateway / Celerra HDS (External Provider) HDS (Onboard Provider) HP 3PAR / StoreServ HP P2xxx / MSA HP StorageWorks XP (External Provider) HP StorageWorks XP (Onboard Provider) IBM DS 3xxx / 4xxx / 5xxx IBM DS 8xxx IBM FlashSystem A9000 / A9000R IBM SVC V9000 / V7000 /V5000 / V3700 |
Outbound | Alternate port on SMI-S provider (external or on onboard). |
| 5989 | TCP |
All Storage Arrays monitored via SMI-S Dell Compellent Dell PowerVault MD 3xxx, EMC Symmetrix VMAX / VMAXe / DMX-4 EMC VMAX3 and VMAX All Flash Family (HYPERMAX OS) EMC VNX / CLARiiON EMC VNX NAS Gateway / Celerra HDS (External Provider) HDS (Onboard Provider) HP 3PAR / StoreServ HP P2xxx / MSA HP StorageWorks XP (External Provider) HP StorageWorks XP (Onboard Provider) IBM DS 3xxx / 4xxx / 5xxx IBM DS 8xxx IBM FlashSystem A9000 / A9000R IBM SVC V9000 / V7000 / V5000 / V3700 |
Outbound | Secure and preferred SMI-S port on SMI-S provider (external or on onboard). |
| 8088 | TCP | NetApp DFM 7 mode | Outbound |
Alternate connection to the NetApp On command management servers for 7 mode arrays. |
| 8488 | TCP | NetApp DFM 7 mode | Outbound |
Secure connection to the NetApp On command management servers for 7 mode arrays. |
User Device Tracker (UDT)
The following table lists port requirements for SolarWinds User Device Tracker. For SolarWinds Platform port requirements, such as APE, AWS, or HA port requirements, see Ports for SolarWinds Platform features.
|
Port |
Protocol |
Service/Process | Direction |
Description |
|---|---|---|---|---|
| 22 | SSH | SSH Server | Outbound | The SSH port used for CLI (operation polling). |
| 23 | TCP | Telnet Server | Outbound | The Telnet port used for CLI (operation polling). |
| 135 | TCP | SolarWinds Job Engine | Bidirectional | Port for WMI polling. |
|
161 |
UDP |
SolarWinds Job Engine v2 | Outbound |
Used for SNMP (polling) traffic. |
| 389, 636 | TCP/UDP | LDAP | Outbound | LDAP ports used to retrieve data from Active Directory logs. |
Virtualization Manager (VMAN)
VMAN ports
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
VMAN requires the basic server port requirements needed for the SolarWinds Platform server. See SolarWinds Platform server port requirements for more details.
In addition, VMAN requires port 17799 (Inbound and outbound) to support Container service monitoring in order to communicate with container orchestrators.
Container monitoring
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 38012 | HTTPS | Bidirectional | Communication between the Orion Business Layer and container environments |
Additional port requirements for container services include:
- For Docker and Docker Swarm:
- 80: Used to download the configuration file from the SolarWinds Platform server
- 4043: Container port (internal Docker communication)
- 6784: Report status (internal Docker communication)
- For Kubernetes (K8s) and Microsoft Azure Kubernetes (AKS):
- 4043: Target port/Container port (internal Docker communication)
- 10250: Listening port for Kubelet agent
- 30043: Node port (internal Docker communication)
- For Apache Mesos:
- 4043: Mesos master server port (internal Mesos communication)
- 8080: Deployment service (internal Mesos communication)
Nutanix
| Port | Protocol | Service/Process | Direction | Description | Encryption |
|---|---|---|---|---|---|
| 22 | SSH | SolarWinds Job Engine v2 | Outbound |
The port used for Nutanix hardware health monitoring. |
|
| 9440 | HTTPS and TCP | SolarWinds Cortex | Bidirectional | Communication between polling engines and the Nutanix AOS API. | TLS 1.2 |
VoIP & Network Quality Manager (VNQM)
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
|
Port |
Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 21 | TCP | SolarWinds Collector Service | Bidirectional | The port used for FTP (CDR/CMR download). |
| 22 | TCP | SolarWinds Collector Service | Bidirectional |
The port used for SFTP (CDR/CMR download) and for SSH for CLI (operation polling). |
|
23 |
TCP | SolarWinds Collector Service | Bidirectional | The port used for TELNET for CLI (operation polling). |
|
80 |
TCP | World Wide Web Publishing Service | Bidirectional | HTTP port. The port used by Additional Web Servers. If you change this setting, you must include the port in the URL used to access the SolarWinds Platform Web Console. |
| 161 | UDP | SolarWinds Collector Service | Outbound | The default UDP port of NPM, used by SNMP. |
| 443 | TCP | World Wide Web Publishing Service | Bidirectional | The port used for conducting secure SSL communications. |
| 5005 | UDP | SolarWinds Collector Service | Bidirectional |
The port used for RTCP data (call metrics) listening from Avaya Call Manager. |
| 5022 | TCP | SolarWinds Collector Service | Bidirectional | The port used for communication with Avaya Call Manager via CLI through SSH. |
| 8443 | HTTPS | SolarWinds Orion Module Engine/Business Layer Plugin | Outbound | The port used for Cisco Call Manager AXL credentials troubleshooting. |
| 17777 | TCP | SolarWinds Information Service | Bidirectional |
The port used for communication from your polling engine to the SolarWinds Platform Web Console, and from the SolarWinds Platform Web Console to your polling engine. |
| 50000 | TCP | SolarWinds Collector Service | Bidirectional | The port used for CDR data (call records) listening from Avaya Call Manager. |
Web Performance Monitor (WPM, formerly SEUM)
The following port requirements apply to the primary WPM installation on the SolarWinds Platform server. For remote machines, see Web Transaction Recorder and WPM Player requirements.
- Ports 4369, 25672, and 5672 are open by default on the SolarWinds Platform server for RabbitMQ messaging, but may be blocked by the firewall. If running SolarWinds High Availability (HA), open ports 4369 and 25672.
- RPC ports > 1024 (TCP, bidirectional) are used by the Job Engine v2 process to communicate with Windows nodes.
SolarWinds does not recommend the use of HTTP (Port 80). Please use HTTPS (Port 443) to ensure that any web-related connections are secure.
| Port # | Protocol | Service/Process | Direction | Description | Encryption |
|---|---|---|---|---|---|
|
User-defined default: 22 |
SSH |
SolarWinds Job Engine v2 IIS |
Outbound from the SolarWinds Platform server to devices |
Access Cisco Adaptive Security Appliance (ASA) devices through the Command-Line Interface (CLI). |
Device-based |
| 25 | TCP | SolarWinds Alerting Service V2 | Outbound |
SMTP port for non-encrypted messages |
|
| 53 | UDP | SolarWinds Job Engine V2 | Bidirectional |
Resolve DNS queries |
|
| 80 | TCP | IIS | Inbound |
Default Additional Web Server (AWS) port. If you specify any port other than 80, include that port in the URL used to access the Web Console. For example, if you specify 192.168.0.3 and port 8080, the URL to access the SolarWinds Platform Web Console is Open the port to enable communication from systems to the Web Console. |
|
| 135 | TCP | Microsoft EPMAP (DCE/RPC Locator service) | Bidirectional |
Required for WMI polling, this port initiates communication with remotely managed hosts, then switches to a random port between 1024 and 65535. |
|
| 161 | UDP | SolarWinds Job Engine v2, SolarWinds Cortex (communication) | Bidirectional |
Send and receive SNMP information. |
SNMP v1 and v2 are unencrypted. SNMP v3 uses AES and 3DES encryption. |
| 162 | UDP |
SolarWinds Trap Service SNMP Informs |
Bidirectional |
Send and receive trap messages. |
|
| 443 | TCP | IIS | Inbound |
Default port for HTTPS binding. Also used for bi-directional ESX/ESXi server polling. |
SSL |
| 465 | TCP | SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions. |
SSL |
| 514 | UDP | SolarWinds Syslog Service | Inbound |
Receive syslog messages |
|
| 587 | TCP | SolarWinds Alerting Service V2 | Outbound |
SMTP port used to send TLS-enabled email alert actions. |
TLS |
| 1433 | TCP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine |
Outbound |
Supports communication from the SolarWinds Platform server to the SolarWinds Platform database server. |
|
| 1434 | UDP |
SolarWinds Alerting Service V2 SolarWinds Administration Service SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Platform Module Engine SQL Server Browse Service |
Outbound |
Supports communication with the SQL Server Browser Service to determine how to handle certain non-standard SQL Server installations. Required only if your SolarWinds Platform database server is configured to use dynamic ports. |
|
| 5671 | TCP | RabbitMQ | Bidirectional |
For encrypted RabbitMQ messaging (AMQP/TLS) into the Main Polling Engine from scalability engines. |
TLS 1.2 |
| 17777 | TCP |
SolarWinds Platform Module Engine SolarWinds Information Service SolarWinds Information Service V3 SolarWinds Cortex (communication) |
Bidirectional |
Supports communication between:
|
RSA handshake, AES 256 communication using WCF TLS 1.2 with Cortex |
| 17778 | HTTPS | SolarWinds Agent | Bidirectional |
Supports access to the SWIS API and agent communication. |
SSL |
| 17781 | TCP | WPM Playback Player | Bidirectional |
Used for communication between the SolarWinds Platform server and remote systems that host WPM Players. |
|
| 17782 | TCP | WPM Playback Player | Bidirectional |
Used for WPM Player-initiated communications. |
|
| 17783 | TCP | WPM Playback Player | Bidirectional |
Used for automatic WPM Player updates. |
|
| 17784 | TCP | WPM Playback Player | Bidirectional |
Used for inter-process communication between the WPM Playback Player service running on the SolarWinds Platform server, an APE, or a remote machine, and the following local apps running on systems that host WPM Players: |
Other SolarWinds products
Access Rights Manager (ARM)
Beginning in version 2020.2.2, Random High Ports are no longer used. You can find the network requirements for versions 2019.4 and earlier here.
| Port# | Protocol | Service/ Process |
Direction | Description |
|---|---|---|---|---|
| - | ICMP | - | The connection is initiated by the ARM server or by a collector. | Connectivity check. |
|
88 |
TCP |
Kerberos |
The connection is always initiated by the ARM server. |
Authentication. |
| 135 | TCP | RPC | The connection is always initiated by the ARM server. | Scan local accounts, retrieve events from domain controllers. |
|
139 |
TCP |
NetBIOS |
The connection is always initiated by the ARM server. |
|
|
389 |
TCP |
LDAP |
The connection is always initiated by the ARM server. | Scan and manage Active Directory. The port must be reachable on every domain controller. |
| 445 | TCP | Microsoft DS (CIFS) | The connection is always initiated by the ARM server. | Scan and manage file server shares. |
| 541* | UDP | Syslog | The connection is always initiated by the ARM server. | Send events to a Syslog server. |
| 636 | TCP | LDAPS | The connection is always initiated by the ARM server. |
Scan and manage Active Directory. The port must be reachable on every domain controller. If your system uses LDAPS, it may still be required that port 389 is reachable on the DCs. |
| 1433 | TCP | MS SQL Server | The connection is always initiated by the ARM server. |
Access Rights Manager uses this port for all communication between the Access Rights Manager server and the SQL server. Collectors communicate only with the Access Rights Manager server and do not communicate with the SQL server. |
| 2002* | TCP | FS Logga | The connection is initiated by the configured collector. | ARM uses the connection for retrieving events from a NetApp file server. |
| 5671* | TCP | RabbitMQ | The connection is initiated by the ARM server or by a collector. | ARM utilizes RabbitMQ message queuing for alerting (FS Logga and AD Logga). |
| 15671* | TCP | RabbitMQ | The connection is initiated by the ARM server or by a collector. | RabbitMQ management port. Used by ARM server health check. Only between ARM server and RabbitMQ, Collectors are not affected. |
| 5985 | TCP | WinRM | The connection is initiated by the ARM server (collector update) or by a collector (Exchange, SharePoint). | Via PowerShell: collector update, access Exchange, retrieve available SharePoint site collections (only for SharePoint on-premise). |
| 5986 | TCP | WinRM (SSL) | The connection is initiated by the ARM server (collector update) or by a collector (Exchange, SharePoint). | Via PowerShell: collector update, access Exchange, retrieve available SharePoint site collections (only for SharePoint on-premise). |
|
55555* |
TCP |
Access Rights Manager components default port |
The connection is initiated by the ARM server or by a collector. |
Access Rights Manager components default port. Access Rights Manager uses this port for all communication between the Access Rights Manager server and client (GUI applications), Web Client, WebAPI, Collectors. |
| 55580 | TCP | ARM Configuration Wizard | The connection is always initiated by the Configuration Wizard. | With the Configuration Wizard, you can perform the basic configuration and integrate resources into ARM. |
*The specifications apply to the standard configuration. You can configure different ports.
To access online resources, the following URLs must be reachable:
Exchange Online
-
https://outlook.office365.com/powershell-liveid/
Further Azure/Microsoft 365 resources
-
https://graph.microsoft.com
-
https://login.microsoftonline.com
-
https://manage.office.com/api/v1.0/
For additional information, see ARM architecture and scalability.
Dameware (DRS, MRC, DRE)
Dameware centralized
Dameware stand-alone
Dameware Remote Everywhere
The ports identified in the tables below must be accessible for Dameware Remote Everywhere remote control connections.
If the agent has a direct TCP port configured, the same port must be open at the agent's firewall and be accessible by the viewer.
macOS uses TCP Mode only
Dameware Remote Everywhere can use the UDP transmission model to connect to devices in addition to TCP.
Initially, the Dameware Remote Everywhere viewer requires access to port 1234. After the system administrator modifies the firewall to enable the identified IP addresses to communicate with the server, the ports can be random.
| Port | Protocol | Service | Direction | Description |
|---|---|---|---|---|
| 80 | TCP | - | Outbound | Required for HTTP connectivity |
| 443 | TCP | - | Outbound | Required for HTTP connectivity |
| 1234 | UDP | - | Bidirectional | Required for P2P connections |
| 1235 | UDP | - | Bidirectional | Required for P2P connections |
|
3377 |
TCP | - | Outbound | Failover port where DPI is enabled |
Database Performance Analyzer (DPA)
Kiwi CatTools
Kiwi CatTools 3.12.4 uses the following ports.
| Port | Protocol | Service | Direction | Description |
|---|---|---|---|---|
| 22 | TCP / UDP | SSH Server | Bidirectional | SSH port for CatTools to transfer configs |
| 23 | Telnet | Telnet Server | Outbound | Telnet port for CatTools to transfer configs |
| 25 | TCP | SMTP Service | Outbound | SMTP email port that CatTools uses for alerting |
| 514 | UDP/TCP | Syslog Service | Outbound | Sends log messages to a syslog server |
| 161 | UDP | Kiwi Trap Service | Outbound | Sending SNMP traps to a trap receiver |
| 69 | UDP | TFTP Server | Bidirectional | TFTP port for CatTools to transfer config-files |
| 4400 | TCP | Kiwi CatTools Service | Bidirectional | Internal communication between the CatTools service and CatTools Manager. |
Kiwi Syslog Server
| Port | Protocol | Service | Direction | Description |
|---|---|---|---|---|
| 514 (default), plus one Ephemeral port | UDP | Kiwi Syslog Service | Inbound | Syslog messages listened for and received by the Syslog Server |
| 1468 (default) | TCP | Kiwi Syslog Service | Inbound | Syslog messages listened for and received by the Syslog Server |
|
162 (default) for IPv4 163 (default) for IPv6 |
UDP /TCP |
Kiwi Syslog Service | Inbound |
Trap messages listened for and received by the Syslog Server |
| 6514 (default) | TCP | Kiwi Syslog Service | Inbound | Secure Syslog messages listened for and received by the Syslog Server |
| 5000, plus one Ephemeral port | TCP/TLS | Kiwi Syslog Service | Bidirectional | Internal communication between the Syslog service and Syslog Web Server |
| 443 (default) | TCP | Web Server | Inbound | Standard secure port for HTTPS |
| 25 (default) | TCP | SMTP Service | Outbound | SMTP email port that Syslog Server uses for alerting |
Network Topology Mapper (NTM)
| Port | Protocol | Service or process | Direction | Description |
|---|---|---|---|---|
| 161 | UDP | SolarWinds Network Topology Job Scheduler | Bidirectional | The port used for SNMP statistics collection. |
| 443 | TCP | SolarWinds Network Topology Job Scheduler | Bidirectional |
The port used to communicate with VMware Virtual Center or ESX server. |
| 17778 | HTTPS | SolarWinds Network Topology Job Scheduler | Outbound | The port used to access the SolarWinds Information Service (SWIS) API for exporting maps from a scheduled discovery to Network Atlas. |
| 135 and a range between 1024 and 65535 | TCP/UDP | SolarWinds Network Topology Job Scheduler | Bidirectional |
WMI uses TCP Port 135 and a range of dynamic ports between 1024 and 65535. You can set up WMI to use a custom range. For details, see Setting Up a Fixed Port for WMI in Microsoft documentation (© 2023 Microsoft, available at https://learn.microsoft.com/en-us/windows/win32/wmisdk/setting-up-a-fixed-port-for-wmi, obtained on May 22, 2023.) |
Security Event Manager (SEM)
For a list of ports required to communicate with SolarWinds products, see Port requirements for all SolarWinds products.
| Port # | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 22 | TCP | SSH | Bidirectional | SSH traffic to the SolarWinds SEM VM. If you need to close ports 22, contact SolarWinds Support. |
| 25 | TCP | SMTP | Outbound | SMTP traffic from the SolarWinds SEM VM to your email server for automated email notifications. |
| 80, 8080 | TCP | HTTP | Bidirectional |
Non-secure HTTP traffic from the SolarWinds SEM console to the SolarWinds SEM VM. (SEM closes this port when the activation is completed |
| 445 | TCP | NetBIOS, SMB2 | Bidirectional |
Standard Windows file sharing ports (NetBIOS Session Service, Microsoft SMB) that SEM uses to export debug files, syslog messages, and backup files. The SEM Remote Agent Installer also uses these ports to install agents on Microsoft Windows hosts across your network. Server Message Block version 1 (SMB1) is no longer supported.
|
| 161, 162 | TCP | SNMP | Bidirectional | SNMP trap traffic received from devices, and used by the Orion platform to monitor SEM. |
| 389, 636 | TCP | LDAP | Outbound |
LDAP ports that the SEM Directory Service Connector tool uses to communicate with a designated Active Directory domain controller. The SEM Directory Service Connector tool uses port 636 for SSL communications to a designated Active Directory domain controller. |
| 443, 8443 | TCP | HTTPS | Bidirectional |
HTTPS traffic from the SolarWinds SEM console to the SEM VM. SEM uses these secure HTTP ports after SEM is activated. This port is also used to automatically update the SEM Connectors. |
| (445) | TCP | See entry for port 139. | ||
| 514 | TCP or UDP | Syslog | Inbound | Syslog traffic from devices sending syslog event messages to the SolarWinds SEM VM. |
| (636) | TCP | See entry for port 389. | ||
| 1094 | TCP | Syslog | Inbound | Syslog traffic from certain Cisco devices. |
| 1470 | TCP | PSyslog | Inbound | Syslog traffic from certain Cisco devices. |
| (8080) | TCP | See entry for port 80. | ||
| (8443) | TCP | See entry for port 443. | ||
| 8983 | TCP | nDepth | Inbound | nDepth traffic sent from nDepth to the SEM VM containing raw (original) log data. |
| 37890-37892 | TCP | SEM Agents | Inbound | SEM Agent traffic sent from SolarWinds SEM Agents to the SolarWinds SEM VM. (These ports correspond to the destination ports on the SEM VM.) |
Serv-U File Server
| Port | Protocol | Service/Process | Direction | Description |
|---|---|---|---|---|
| 21 | TCP | FTP and explicit SSL/TLS | Bidirectional | FTP is the traditional protocol for transferring files over the Internet. Traditionally, FTP is handled in plain text. However, SSL connections are explicitly supported using the AUTH command. |
| 22 | TCP | SFTP Using SSH2 | Bidirectional | SFTP is a secure method of transferring files through a secure shell session. It performs all protocol communications and data transfers over the same port eliminating the need to open multiple ports in firewalls (as is commonly required when using FTP). SFTP sessions are always encrypted. |
| 80 | TCP | HTTP | Bidirectional | HTTP is the protocol used to browse websites. It is also a simple method for downloading and transferring files. One benefit to adding an HTTP listener to a domain is the availability of the Web Client, which allows users to transfer files to and from your file server without the need for a standalone client. |
| 443 | TCP | HTTPS (SSL encrypted HTTP) | Bidirectional | HTTPS is identical to HTTP except all communications are secured using SSL. Like FTPS, a secure connection is implied when connecting to a listener running the HTTPS protocol. |
| 990 | TCP | Implicit FTPS (SSL/TLS) | Bidirectional | FTPS is identical to FTP, although connecting to a listener configured for FTPS means an SSL connection is required before any protocol communication is performed. This is commonly referred to as Implicit FTPS. |
These are defaults. You can use any port between 1 and 65535. However, when using a non-standard port, clients must know the proper port in advance when they attempt to connect to the domain. If using a non-standard port, it is recommended you use a value above 1024 to prevent potential conflicts.
Web Help Desk (WHD)
Web Help Desk provides communication ports for the following resources:
Web Help Desk interfaces
The following table lists the Web Help Desk ports for secure and non-secure interface traffic.
| Port | Protocol | Description |
|---|---|---|
| 135 | TCP | Asset Discovery using Windows Management Instrumentation (WMI) |
| 389 | TCP | Non-secure traffic from the Web Help Desk server to a designated server (usually a domain controller) for use with the Directory Service tool (LDAP and Active Directory) |
| 443 | TCP | Secure traffic from the Web Help Desk Console |
| 8081 | TCP | Non-secure traffic from the Web Help Desk Console (Windows, Linux and OSX) |
| 8443 | TCP | (Default) Secure traffic from the Web Help Desk Administrator Console (Windows, Linux and OS X) |
| 17778 | TCP | Communications from the SolarWinds Orion server (Orion integration only) |
| 61616 | TCP | Web Help Desk Discovery engine (JMS queue port) |
Databases
The following table lists the Web Help Desk ports for external and embedded database communications.
| Port | Protocol | Description |
|---|---|---|
| 1433 | TCP |
Communications with a Microsoft SQL external database, including:
|
| 3306 | TCP | External MySQL database |
| 5432 | TCP | Communication with an External PostgreSQL database |
| 20293 | TCP | Communications with an embedded PostgreSQL database |
The following table lists the Web Help Desk ports for email traffic.
| Port | Protocol | Description |
|---|---|---|
| 25 | TCP | Traffic from the Web Help Desk server to your email server for automated email notifications |
| 80 | TCP | Non-secure connection with Microsoft Exchange Web Services (EWS) |
| 110 | TCP | Non-secure traffic with the POP3 mail server |
| 143 | TCP | Non-secure traffic with the Internet Message Access Protocol (IMAP) mail server |
| 443 | TCP | Secure traffic with EWS |
| 993 | TCP | Secure traffic with the IMAP mail server |
| 995 | TCP | Secure traffic with the POP3 mail server |
LDAP and Active Directory
The following table lists the Web Help Desk ports for Lightweight Directory Access Protocol / Active Directory (LDAP / AD).
| Port | Protocol | Description |
|---|---|---|
| 389 | TCP | Traffic from the Web Help Desk server to a designated server (usually a domain controller) for use with the Directory Service tool (LDAP and Active Directory) |
| 636 | TCP | Secure traffic from the Web Help Desk server to a designated server (usually a domain controller) for use with the Directory Service tool (LDAP and Active Directory) |
Asset Discovery
The following table lists the Web Help Desk ports for Asset Recovery.
| Port | Type | Description |
|---|---|---|
| 135 | TCP | Asset Discovery using WMI (WMI calls uses port 135 and then chooses a random port for further communication) |
| 1521 | TCP | Communication with the Oracle Java Database Connectivity (JDBC) connector for asset discovery |
| 3306 | TCP | Communication with the MySQL external database Casper 8 and lower |
| 4445 | TCP | Remote log server reader |
| 5433 | TCP | Communication with Apple Remote 3.2 for asset discovery |
| 7100 | TCP | Communications with a Sybase database for asset discovery |
Firewall port requirements for data traffic
Firewalls between any two points of communication must have the requisite ports open to inbound or outbound traffic according to the relative direction of the communication traffic.
For additional port information, see: