Getting Started > SAM Requirements > SAM port requirements

SAM port requirements

Configure ports to support communications for the main polling engine and the Orion SQL server, as well as additional polling engines and web servers. Some ports have feature-specific requirements for Orion agents and High Availability, as well as component monitors and templates.

Ports 4369, 25672, and 5672 are open by default, but can be blocked by a firewall.

Port Proto-
col
Direction

Encryption

Description
25 TCP     SMTP port for non-encrypted messages
161 UDP bidirectional   Statistics collection
162 UDP incoming   Trap Server listening for incoming messages
443 TCP bidirectional   Default port for https binding and bi-directional ESX/ESXi server polling and for Cisco UCS monitoring.
465 TCP outbound SSL SSL-enabled email alert actions
587 TCP outbound TLS TLS-enabled email alert actions
1801 TCP   WCF MSMQ WCF binding
4369 TCP bidirectional   Required for RabbitMQ messaging (epmd)
5671 AMQP bidirectional TLS SSL encrypted RabbitMQ messaging from the additional polling engines to the main polling engine
5672 TCP     Non-encrypted RabbitMQ messaging between the primary and additional polling engines. This is a backup communication port that is not used by default.
25672 TCP bidirectional   Required for RabbitMQ messaging (Erlang distribution)
17777 TCP bidirectional RSA handshake, AES 256 communication using WCF

Orion module traffic. Open the port to enable communication from your poller to the Orion Web Console, and from the Orion Web Console to your poller.

High Availability Service. Used for communication between the main server and pool members.

Job Engine V2, Collector Service, Business Layer, and Information Service v2,23. Used for communication between the services.

The port used for communication between the Orion Web Console and the poller.

17778 HTTPS and TCP   SSL

Required to access the SolarWinds Information Service API and agent communication

SolarWinds Information Service API

17779 HTTP and HTTPS    

SolarWinds Toolset Integration over HTTP

Agents

The following ports are used by the SolarWinds Orion agent.

Port

Type

Direction

Encryp-
tion

Description

22 TCP bidirectional  

Used to install the agent on Linux computers through SSH and SFTP or SCP. Open this port for outbound connections on the Orion server or additional polling engings and inbound connections on the monitored computer.

135 TCP inbound  

(DCE/RPC Locator service) Microsoft EPMAP. This port must be open on the client computer for remote deployment.

Active directory, RPC and SMB protocol ports are used by Orion Poller Agent installer to connect to Windows OS and to deploy Windows Agent.

445

TCP

inbound  

Microsoft-DS SMB file sharing. This port must be open on the client computer (inbound) for remote deployment.

  • Active directory, RPC and SMB protocol ports are used by Orion Poller Agent installer to connect to Windows OS and to deploy Windows Agent.
  • 17778 TCP bidirectional SSL, TLS 1.0 or later

    Send and receive information from Windows and Linux devices polled by agents using agent-initiated communication. Used to deploy agents.

    Important: This requirement is for Active agents only. If Passive agents are used, no ports need to be opened on the firewall for the Orion server. For more information, see Changing the Agent Port.

    17790 TCP bidirectional SHA1 certificate, TLS 1.0 or later

    Used by the agent to communicate with the Orion server when the agent is in server-initiated communication mode.

    In Passive mode, port 17790 must be opened on the host where the agent is installed and allowed by the firewall.

    17791

    TCP

    bidirectional  

    Used by the agent to communicate with the Orion server when the agent is in agent-initiated communication mode. This port must be opened if the reomte computers you monitor run Windows 2008 R2.

    High Availability

    The following ports are used in addition to ports used by your primary products when you enable High Availability.

    Port

    Type

    Description

    4369

    TCP

    Open on the main Orion server and its standby server for RabbitMQ clustering. This port exchanges EPMD and Erlang distribution protocol messages for RabbbitMQ. This port is not required when protecting additional polling engines.

    5671

    TCP

    For encrypted RabbitMQ messaging (AMQP/TLS) into the main polling engine from all Orion servers.

    25672

    TCP

    Open on the main Orion server and its standby server for RabbitMQ clustering. This port exchanges EPMD and Erlang distribution protocol messages for RabbbitMQ. This port is not required when protecting additional polling engines.

    SAM Component Monitor Ports

    Compo-
    nent/
    Monitor

    Port

    Type

    Description

    DHCP User Experience Monitor

    67

    UDP

    The UDP port used for the DHCP request.

    DHCP User Experience Monitor

    68

    UDP

    The UDP port used for the DHCP response.

    Directory Size Monitor

     

     

    See SAM WMI requirements below.

    DNS Monitor
    DNS User Experience Monitor

    53

    TCP/UDP

    The TCP and UDP port used for DNS queries.

    Download Speed Monitor

    19

     

    The port used for the character generator service.

    File Age Monitor
    File Change Monitor
    File Existence Monitor
    Files Size Monitor

    445

    TCP/UDP

    These components monitor uses TCP/445 and UDP/445 ports.

    File Count Monitor

     

     

    See SAM WMI requirements below.

    FTP Monitor
    FTP User Experience Monitor

    21

     

    This field is the port number used for FTP sessions

    HTTP Form Login Monitor
    HTTP Monitor
    TCP Port Monitor

    80

     

    This field is the port number used for HTTP forms-based login sessions.

    HTTPS Monitor

    443

     

    The port used by the web site.

    IMAP4 Monitor

    143

     

     

    IMAP4 User Experience Monitor

    143 and 993

    IMAP4

    This component monitor uses these ports when used with a Microsoft Exchange mail server.

    IMAP4 User Experience Monitor

    25

    SMTP

    This component monitor uses these ports when used with a Microsoft Exchange mail server.

    IMAP4 Port sessions

    143

    IMAP4

    This field is the port number used for IMAP 4 sessions.

    IMAP4 Port sessions

    585

    IMAP4

    For Secure IMAP (IMAP4-SSL), use port 585.

    IMAP4 Port sessions

    993

    IMAP4

    For IMAP4 over SSL (IMAPS), use port 993.

    LDAP User Experience Monitor

    389

     

    The port used for LDAP connections.

    LDAP User Experience Monitor

    636

     

    For LDAP over SSL, use port 636.

    Linux/Unix Script Monitor Ports

    22

     

    This field allows you to specify the port number used for the SSH connection.

    NNTP Monitor

    119

    UDP

    This field is the port number used for NNTP connections.

    ODBC User Experience Monitor

    1630

    TCP

    This component monitor uses port TCP/1630.

    Oracle User Experience Monitor

    1521

    TCP

    The Oracle SQL*Net Listener allows Oracle client connections to the database over Oracle's SQL*Net protocol. You can configure it during installation. To reconfigure this port, use Net Configuration Assistant.

    Oracle User Experience Monitor

    1526

    TCP

    The Oracle SQL*Net Listener allows Oracle client connections to the database over Oracle's SQL*Net protocol. You can configure it during installation. To reconfigure this port, use Net Configuration Assistant.

    Performance Counter Monitor

    See description

    TCP

    This monitor uses RPC, requiring the following ports:

    • TCP/135
    • RPC/named pipes (NP) TCP 139
    • RPC/NP TCP 445
    • RPC/NP UDP 137
    • RPC/NP UDP 138

    POP3 Monitor
    POP3 User Experience Monitor

    110 (default)

     

    This field is the port number used for POP3 connections.

    POP3 Monitor
    POP3 User Experience Monitor

    995

     

    For Secure POP3 (SSL-POP) use port 995.

    POP3 User Experience Monitor
    SMTP Monitor

    25

    SMTP

    This component  uses port 25 for SMTP sessions.

    SMTP Monitor

    465

    SSMTP

    For Secure SMTP (SSMTP), use port 465.

    POP3 Monitor

    See Description

     

    This component monitor uses the following ports when used with a Microsoft Exchange mail server.

    • 102   X.400 MTA
    • 110   POP3
    • 119   NNTP
    • 143   IMAP4
    • 389   LDAP
    • 563   POP3 over SSL
    • 636   LDAP over SSL
    • 993   IMAP4 over SSL
    • 995   Secure POP3 over SSL

    POP3 User Experience Monitor

    110 (default)

     

    This field is the port number used for POP3 sessions. The default value is 110. For Secure POP3 (SSL-POP) use port 995. It also uses an SMTP Port, port 25 for SMTP sessions.

    Process Monitor

     

    SNMP

    This component monitor uses SNMP communication.

    Process Monitor WMI

     

     

    Uses WMI communication to test if the specified Windows process is running and uses RPC communication to test if the specified Windows process is running.

    RADIUS User Experience Monitor

    1812
    1645

     

    This field is the RADIUS protocol authentication port. The default value is 1812. Cisco devices may require port 1645. This field is the RADIUS protocol accounting port. The default value is 1813. Cisco devices may require port 1646.

    RWHOIS Port Monitor

    4321

     

    This template tests the ability of an RWHOIS server to accept incoming sessions on port 4321.

    SQL Server User Experience Monitor

    1433

     

    This component monitor only works if Microsoft SQL Server is using the default port 1433. If you have a Microsoft SQL Server database that uses a non-standard port, you cannot monitor it using the SQL Server User Experience monitor. You need to use the ODBC User Experience monitor instead to manually define a connection string that will allow you to talk to Microsoft SQL Server on its custom port.

    TACACS+User Experience Monitor

    49

     

    This field is the TACACS+ protocol connection port. The default value is 49.

    Tomcat Server Monitor

    8080

     

    This field allows you to specify the port number used by the web site. The default value for this field is 8080.

    VMware Performance Counter Monitor

    443

     

    Port number to use for VMware API. The default is 443.

    ESX Hardware Monitoring

    5989

     

    Ensure port 5989 is open on the firewall.

    Windows Event Log Monitor

     

     

    This component monitor uses the following ports:

    • TCP/135
    •  RPC/named pipes (NP) TCP 139
    •  RPC/NP TCP 445
    •  RPC/NP UDP 137
    •  RPC/NP UDP 138
    •  POP3 User Experience Monitor port 110

    SAM Templates

    Template port requirements will vary depending on how you utilize them. The following provides a list of monitor templates that use ports. 

    Template

    Port

    Description

    Blackberry Delivery Confirmation template

    25

    Blackberry Delivery Confirmation template uses port 25 on the SMTP server for sending the test email. If the SMTP server uses a different port, change this value.

    Finger Port Monitor

    79

    This template tests the ability of the Finger service to accept incoming sessions on port 79.

    Gopher Port Monitor

    70

    This template tests the ability of a Gopher server to accept incoming sessions on port 70.

    IRC Port Monitor

    6667

    This template tests the ability of an IRC server to accept incoming sessions on port 6667.

    Java Application Server (SNMP) template

    1161

    This template is configured to send SNMP requests on port 1161.

    SNPP Port Monitor

    444

    This template tests the ability of an SNPP server to accept incoming sessions on port 444.

    Windows FTP Server (via WMI)

    21

     This template monitors the Windows FTP Publishing Service and tests the ability of the FTP server to accept incoming sessions on port 21.

    SAM WMI Requirements

    Microsoft Windows by default uses a random port between 1024 and 65535 for WMI communications. You must create firewall exceptions to allow TCP/UDP traffic on ports 1024 - 65535 or the component monitors and templates that use WMI will not work.

    Important: WMI requires local administrator credentials.

    The following component monitors use WMI:

    • Performance Counter Monitor
    • Process Monitor – WMI (if script uses WMI access)
    • Windows Event Log Monitor
    • Windows PowerShell Monitor (if script uses WMI access)
    • Windows Script Monitor
    • Windows Service Monitor (if script uses WMI access)

    The following templates use WMI:

    • Active Directory
    • Blackberry Enterprise Server
    • Citrix XenApp 5.0 Core WMI Counters
    • Citrix XenApp 5.0 ICA Session WMI Counters
    • Citrix XenApp 5.0 Presentation Server WMI Counters
    • Citrix XenApp 5.0 Services
    • Errors in Application Event Log
    • Exchange 2007
    • Exchange 2007 Client Access Role Services
    • Exchange 2007 Client Access Role WMI Counters
    • Exchange 2007 Common WMI Counters
    • Exchange 2007 Edge Transport Role Services
    • Exchange 2007 Hub Transport Role Services
    • Exchange 2007 Hub Transport Role WMI Counters
    • Exchange 2007 Mailbox Role Services
    • Exchange 2007 Mailbox Role WMI Counters
    • Exchange 2007 Unified Messaging Role Services
    • Exchange 2007 WMI Counters
    • Exchange 2010 Client Access Role Services
    • Exchange 2010 Common Performance Counters
    • Exchange 2010 Edge Transport Role Services
    • Exchange 2010 Hub Transport Role Services
    • Exchange 2010 Mailbox Role Services
    • Exchange 2010 Unified Messaging Role Services
    • Exchange Server 2000 and 2003
    • Internet Information Services
    • Orion Server
    • SharePoint Server (MOSS) 2007
    • SharePoint Services (WSS) 3.0
    • SQL Server 2005 Database
    • SQL Server 2008 Database
    • Windows Print Services
    • Windows Server 2003-2008