search cancel

Ports used by PAM Cluster 3.3


Article ID: 186055


Updated On:


CA Privileged Access Manager (PAM)


Some of the ports that the PAM 3.3 documentation mentions as used by the PAM cluster are shown as filtered or closed when scanning them.
Concretely, when trying to scan them from a cluster node to another cluster node, having the cluster on, the following results are shown:


Product: Layer 7 Privileged Access Manager
Version: 3.3.x


There is a bug in the 3.3.x documentation.


The following PAM 3.3.x documentation have some bugs regarding the ports being used by PAM

Cluster Deployment Requirements 

IP Addresses and Ports for Network Connectivity

In both documents, the documentation about ports 7900, 7901 and 7902 is obsolete for versions 3.3. They are no longer used.
In the first document it shows that port 3306 should be OPEN and this is no longer true in versions 3.3.

So, the correct information for the ports being used by PAM cluster is:

  123  UDP  Open
  443  TCP  Open
 3307  TCP  Open 
 5900  TCP  Open
 8443  TCP  Open
13307  TCP  Open

Additional Information

The port 123 UDP corresponds to the NTP (Network Time Protocol) Servers and it has not been scanned from the appliance because it will always appear as CLOSED as the appliances just perform TCP port scanning and not UDP port scanning.