N-central Help

KBA11004: List of Open Ports Required for Remote Installation and Verification of CA ARCserve Replication

Knowledge Base Article #:

11004

Applicable Versions:

CA ARCserve RHA R16

Date Created/Updated:

June 21, 2012

Background

This article provides the ports and the associated protocols in order to remotely install the CA RHA Engine service on remote hosts through the Scenario Creation wizard or the remote installer.

Solution

The following ports must be open in any firewalls between the CA RHA Control Service server and the CA RHA Engine servers:

  • TCP Protocol requires ports 25000, 1025, 2666 & 2660
  • UDP Protocol requires ports 135, 137, & 138
Protocol/Port Name Protocol Description and Purpose Validation Method between Host systems (PSK, Cert, IP) Encryption Used (if any) Requested Between

TCP 25000

TCP/IP-based (app ISO level ) protocol for data replication and engines management

Depending on scenario configuration RHA may send data and management commands in clear text or encrypt communication using Open SSL library (i.e. the whole connection will be encapsulated into secure tunnel)

If Open SSL is used then following ciphers may be used:

AES128-SHA;

AES256-SHA;

RC4-MD5

Master and Replica Engine

TCP 8088

GUI talks to CS (Management service) via HTTP or HTTPS (during installation user may chose RHA CS to serve requests  on HTTPS)

If user opted to use https on CS side then RHA setup program provides the following choices:

  • User may install her own certificate
  • Setup may generate and install test certificate valid for 1 year

SSL

Control Service and Master (or Replica) Engine

UDP 135

Used by many programs and protocols.  RHA specifically uses it for the remote installer.  This is also used by the Microsoft EPMAP (End Point Mapper) which is the DCE/RPC locator service used to remotely manage services such as DHCP servers.

See Windows documentation

See Windows documentation

Not required unless installing remotely

UDP 137

NetBIOS Name Service - Windows CIFS/SMB protocol family – used by RHA remote installer

See Windows documentation

See Windows documentation

UDP 138

NetBIOS Datagram Service - Windows CIFS/SMB protocol family – used by RHA remote installer

See Windows documentation

See Windows documentation