Ports used by PAM Cluster 3.3

Article ID: 186055

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Some of the ports that the PAM 3.3 documentation lists as used by the PAM cluster show as filtered or closed when scanned.
Specifically, when scanning from one cluster node to another with the cluster turned on, the following results are shown:




Cause

There is a bug in the 3.3.x documentation.

Environment

Product: Layer 7 Privileged Access Manager
Version: 3.3.x

Resolution

The following PAM 3.3.x documentation pages contain errors regarding the ports used by PAM:

Cluster Deployment Requirements 

IP Addresses and Ports for Network Connectivity

In both documents, the information about ports 7900, 7901 and 7902 is obsolete for versions 3.3. These ports are no longer used.
The first document also shows that port 3306 should be OPEN, which is no longer true in versions 3.3.

So, the correct information for the ports being used by PAM cluster is:

  123  UDP  Open
  443  TCP  Open
 3307  TCP  Open 
 5900  TCP  Open
 8443  TCP  Open
13397  TCP  Open

Additional Information

Port 123 UDP corresponds to the NTP (Network Time Protocol) servers. It has not been scanned from the appliance because it will always appear as CLOSED: the appliances perform only TCP port scanning, not UDP port scanning.
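
The following is an added example, not part of the original article or the vendor's tooling: a Python check that compares an nmap-style TCP scan taken between two cluster nodes against the corrected port list above, flagging required ports that are not open and obsolete ports that still answer. The scan text is constructed sample data, and the function names are this example's own.

```python
import re

# Corrected PAM 3.3.x cluster port list, taken from the article.
REQUIRED = {(123, "udp"), (443, "tcp"), (3307, "tcp"),
            (5900, "tcp"), (8443, "tcp"), (13397, "tcp")}
# Ports the article says are no longer used by the cluster in 3.3.
OBSOLETE = {(7900, "tcp"), (7901, "tcp"), (7902, "tcp"), (3306, "tcp")}

ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)")

def parse_scan(text):
    """Return {(port, proto): state} from nmap-style 'PORT STATE SERVICE' rows."""
    results = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            results[(int(m.group(1)), m.group(2))] = m.group(3).lower()
    return results

def audit(results):
    """Return (port, proto, state, note) findings against the corrected list."""
    findings = []
    for port, proto in sorted(REQUIRED):
        state = results.get((port, proto))
        if proto == "udp" and state is None:
            # A TCP-only scan says nothing about NTP on 123/UDP.
            findings.append((port, proto, "not-tested", "needs a separate UDP check"))
        elif state != "open":
            findings.append((port, proto, state or "missing", "required but not open"))
    for port, proto in sorted(OBSOLETE):
        # closed/filtered is the expected result here; only 'open' is a finding.
        if results.get((port, proto)) == "open":
            findings.append((port, proto, "open", "obsolete in 3.3.x; review listener and firewall rule"))
    return findings

# Constructed sample: TCP scan from one cluster node to another.
SAMPLE = """\
PORT      STATE    SERVICE
443/tcp   open     unknown
3306/tcp  filtered unknown
3307/tcp  open     unknown
5900/tcp  open     unknown
7900/tcp  closed   unknown
8443/tcp  filtered unknown
13397/tcp open     unknown
"""

if __name__ == "__main__":
    for port, proto, state, note in audit(parse_scan(SAMPLE)):
        print(f"{port}/{proto}: {state} - {note}")
```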
