Previous Topic: Firewall ConfigurationNext Topic: Ports to Open for a Two-Tier Distributed Deployment

Preparing Windows ServersFirewall ConfigurationPorts to Open for a Stand-Alone System

Ports to Open for a Stand-Alone System

Open the following ports for a stand-alone system to allow CA Network Flow Analysis communications to function properly.

From

To

Port [Function]

NFA console

Outbound
  • TCP 25 [SMTP email reports]
  • UDP 53 [DNS]

Harvester

Routers (SNMP interface, read-only)
  • UDP 161 [SNMP polling]

Harvester

Trap destination
  • UDP 162 [traps]

Router

Harvester
  • UDP 9995 [flow]

Administrators and operators

NFA console
  • TCP/HTTP 80 [UI access and SNMP web services]
  • TCP/HTTP 8381 [Single Sign-On]

CA PC / NPC Console

NFA console
  • TCP/HTTP 80 [device and interface synchronization with CA PC / NPC]
  • TCP 8681 [data import for NFA views in CA PC / NPC]

Administrators

Each server
  • TCP 3389 [Remote Desktop, if Remote Desktop is used]
  • TCP 5800, 5801, 5900, 5901 [VNC, if VNC is used]