Filter
Top Products
Appendix B: CC-SG and Network Configuration
319
Communication
Direction
Port Number Protocol Configurable? Details
CC-SG to SNMP
Manager
162 UDP yes SNMP standard
CC-SG Internal Ports
CC-SG uses several ports for internal functions, and its local firewall
function blocks access to these ports. However, some external scanners
may detect these as “blocked” or “filtered.” External access to these
ports is not required and can be further blocked. The ports currently in
use are:
• 1088
• 1098
• 2222
• 4444
• 4445
• 8009
• 8083
• 8093
In addition to these ports, CC-SG may use TCP and UDP ports in the
32xxx (or higher) range. External access to these ports is not required
and can be blocked.
CC-SG Access via NAT-enabled Firewall
If the firewall is using NAT (Network Address Translation) along with PAT
(Port Address Translation), then Proxy mode should be used for all
connections that use this firewall. The firewall must be configured for
external connections to ports 80 (non-SSL) or 443 (SSL), 8080 and 2400
to be forwarded to CC-SG since the PC Client will initiate sessions on
these ports.
Note: It is not recommended to run non-SSL traffic through a firewall.
Connections using the firewall must be configured to use Proxy mode.
See Connection Modes: Direct and Proxy (on page 219). CC-SG will
con
nect to the various targets on behalf of the PC Client requests.
However, the CC-SG will terminate the PC Client to Target TCP/IP
connection that comes through the firewall.
RDP Access to Nodes
Port 3389 must be open for RDP access to nodes.