Ports used by PAM Cluster 3.3
Article ID: 186055
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
Some of the ports that the PAM 3.3 documentation mentions as used by the PAM cluster are shown as filtered or closed when scanning them.
Concretely, when trying to scan them from a cluster node to another cluster node, having the cluster on, the following results are shown:
Concretely, when trying to scan them from a cluster node to another cluster node, having the cluster on, the following results are shown:
Cause
There is a bug in the 3.3.x documentation.
Environment
Product: Layer 7 Privileged Access Manager
Version: 3.3.x
Version: 3.3.x
Resolution
The following PAM 3.3.x documentation have some bugs regarding the ports being used by PAM
Cluster Deployment Requirements
IP Addresses and Ports for Network Connectivity
In both documents, the documentation about ports 7900, 7901 and 7902 is obsolete for versions 3.3. They are no longer used.
In the first document it shows that port 3306 should be OPEN and this is no longer true in versions 3.3.
So, the correct information for the ports being used by PAM cluster is:
123 UDP Open
443 TCP Open
3307 TCP Open
5900 TCP Open
8443 TCP Open
13397 TCP Open
Cluster Deployment Requirements
IP Addresses and Ports for Network Connectivity
In both documents, the documentation about ports 7900, 7901 and 7902 is obsolete for versions 3.3. They are no longer used.
In the first document it shows that port 3306 should be OPEN and this is no longer true in versions 3.3.
So, the correct information for the ports being used by PAM cluster is:
123 UDP Open
443 TCP Open
3307 TCP Open
5900 TCP Open
8443 TCP Open
13397 TCP Open
Additional Information
The port 123 UDP corresponds to the NTP (Network Time Protocol) Servers and it has not been scanned from the appliance because it will always appear as CLOSED as the appliances just perform TCP port scanning and not UDP port scanning.
Attachments
Feedback
Yes
No
Powered by
