KB78625851: WebCenter - Which ports does WebCenter use

Question

Which ports does WebCenter use between its components?

Which ports do I need to open in the firewall for WebCenter to function properly?

Answer

20.0 and newer

See the requirements for version 18.1.

18.1 - 18.1.1

Port Configurations

Below you can find the ports which need to be open/available for proper functioning of WebCenter:

• Port 80 (HTTP) from the internet to the WebCenter Web Server (DMZ).

• Port 443 (HTTPS) from the internet to the WebCenter Web Server (DMZ).
• Port 80 (HTTP) from the LAN to the WebCenter Web Server (DMZ).
• Port 443 (HTTPS) from the LAN to the WebCenter Web Server (DMZ).
• Port 4444 from the WebCenter Web Server (DMZ) to the WebCenter Application Server (LAN).
• Port 5445 from the Automation Engine Server to the WebCenter Application Server (LAN) for approval feedback
• Port 25 (SMTP) from the WebCenter Application Server (LAN) to the Mail Server.

Optional:

• Port 14444 between the Application and Web Server in case of External View Service.

The following ports are internal ports for the Application Server and do not need to be configured on the firewalls. However, if any of these ports are taken by another application, the Application Server will not start.
Ports: 8083, 8086, 1161, 1162, 1090.

The following ports are internal ports for the WebServer and do not need to be configured on the firewalls. However, if any of these ports are taken by another application, the WebServer will not start.

Ports: 8081, 8009.

18.0.1 and older

The port overview can be found in the WebCenter System Requirements.

• Port 80 (HTTP) from the internet to the WebCenter Web Server (DMZ)
• Port 443 (HTTPS) from the internet to the WebCenter Web Server (DMZ)
• Port 80 (HTTP) from the LAN to the WebCenter Web Server (DMZ)
• Port 443 (HTTPS) from the LAN to the WebCenter Web Server (DMZ)
• Port 1099 (JBOSS Naming Service) from the WebCenter Web Server (DMZ) to the WebCenter Application Server (LAN)
• Port 2500 (JBOSS Naming Service RMI) from the WebCenter Web Server (DMZ) to the WebCenter Application Server (LAN)
• Port 4444 (RMI/JRMP invoker object) from the WebCenter Web Server (DMZ) to the WebCenter Application Server (LAN)
• Port 3873 (EJB3) from the WebCenter Web Server (DMZ) to the WebCenter Application Server (LAN)
• Port 25 (SMTP) from the WebCenter Application Server (LAN) to the Mail Server
• Port 1433 & 1434 (SQL) from the WebCenter Application Server (LAN) to SQL Database Server
• Port 1521 (Oracle) from the WebCenter Application Server (LAN) to the Oracle Database Server

In case you need approval feedback to an Automation Engine outside the LAN in which the WebCenter application server resides, you need to open Port 8010 from the internet to the Web Server.

In case you are using an external View Server, the following additional ports need to be opened between the WebCenter Web Server (DMZ) and WebCenter Application Server(LAN)

• Port 14444
• Port 12500
• Port 11099

Finally, JBOSS needs following ports on the application server. These ports are only accessed from the application server (so calling itself) and don’t need to be configured on the firewalls. However, if any of these ports are taken by another application, JBOSS will fail using them which can expose problems from failing to start or failing to execute certain functions.

Ports: 8081, 8083, 8086, 4446, 3528, 1161, 1162, 1090, 1091.

Automation Engine calls on port 5445 of the application server to get approval feedback in case both are in the same LAN.