Troubleshooting
Problem
This document lists the ports used by the HMC.
Resolving The Problem
The following is a list of ports used by the HMC.
The "Inbound application" column identifies ports where the HMC acts as a server that remote client applications connect to. Examples of remote client applications include the browser based remote access and remote 5250 console. Ports used by remote clients need to be enabled in the HMC firewall. They must also be enabled in any firewall that is between a remote client and HMC.
The "Outbound application" column identifies ports where the HMC acts as a client, initiating communications to the port on a remote server. Functions are further classified as intranet or internet. Intranet functions are typically limited to communications between the HMC and another HMC, partition, or server inside the network. Internet functions require access to the internet, directly or, in some cases, via a proxy. Because UDP is a directionless protocol, the HMC firewall must be enabled for UDP ports even though the communications might be initiated from the HMC. "Outbound" application ports must be enabled in external firewalls for the function to work.
HMC Version 9 and later.
The following ports are required for installios, and UI Install VIOS.
Examples
An example of a typical configuration is as follows:
The "Inbound application" column identifies ports where the HMC acts as a server that remote client applications connect to. Examples of remote client applications include the browser based remote access and remote 5250 console. Ports used by remote clients need to be enabled in the HMC firewall. They must also be enabled in any firewall that is between a remote client and HMC.
The "Outbound application" column identifies ports where the HMC acts as a client, initiating communications to the port on a remote server. Functions are further classified as intranet or internet. Intranet functions are typically limited to communications between the HMC and another HMC, partition, or server inside the network. Internet functions require access to the internet, directly or, in some cases, via a proxy. Because UDP is a directionless protocol, the HMC firewall must be enabled for UDP ports even though the communications might be initiated from the HMC. "Outbound" application ports must be enabled in external firewalls for the function to work.
HMC Version 9 and later.
SERVICE | PORT Numbers | Inbound Application (HMC Daemon) (See Note.) | Outbound Application (HMC client function) (See Note.) |
Secure Web Access | 443 | Remote secure browser access. | (Internet) https outbound remote support/ECC callhome, (optional) Informational links to IBM website. (private/intranet): Managed Server ASMI, "Launch Remote HMC" task. |
Secure Web-Access | 9960 | V10R1 and earlier: Browser Applet Communications, including Remote VTTY. |
|
Secure Web-Access | 12443 | Remote secure browser access | |
Web Access | 80 | V9R1M92x and earlier: (Internet) Server Licensed Internal Code updates using the "IBM Service website" repository. |
|
redfish | 17443 tcp | Power10 ebmc managed server - HMC connection. | (private/intranet) Managed server - HMC connection. |
Nets (HMC-FSP SSL communications) | 30000,30001 | (private/intranet) Managed Server HMC connection. | |
5250 | 2300 (non-SSL), 2301 (SSL) | Remote 5250 console. | (Intranet) 5250 remote console to another HMC, 5250 telnet. |
Secure Shell | 22 | remote ssh clients | (Intranet) ssh, secure FTP and secure copy |
Ping |
icmp echo
7 tcp
|
Incoming ping
|
(private/intranet) Managed server - HMC connection; 7:tcp HMC - e-bmc vmi connection. |
FCS Datagram | 9900:udp | HMC-HMC call home negotiation. | (Intranet) HMC-HMC call home negotiation. |
FCS | 9920 | HMC-HMC communication including Data Replication. | (Intranet) HMC-HMC communication including Data Replication. |
RMC | 657:udp, 657:tcp | i5/OS: (optional) inventory/copy of error logs. VIOS/AIX/Linux: LPM, DLPAR, VIOS tasks. Cross HMC Power Enterprise Pools, Simplified Remote Restart. |
(Intranet) i5/OS: (optional) inventory/copy of error logs. VIOS/AIX/Linux: LPM, DLPAR, VIOS tasks. Cross HMC Power Enterprise Pools, Simplified Remote Restart. |
RSCT Peer Domains | 12347:upd, 12348:udp | AIX Clustering: Reliable Scalable Cluster Technology (RSCT). | |
SNMP Agent | 161:tcp 151: udp |
Applications such as Tivoli Netcool that register for virtual network statistics. | |
PowerSC UI Agent | 11125:tcp 11125:udp | PowerSC server managing a HMC. | |
Additional ports used only for outbound connections | |||
SMTP | 25 (configurable) | (Intranet) email customer notification option. | |
SNMP Traps |
162:tcp 162:udp
(configurable)
|
(Intranet) SNMP Trap customer notification option. | |
NTP | 123:udp | (Intranet) Network Time Protocol client. | |
NFS | 2049 | (Intranet) HMC backup/restore/updates. | |
Telnet | 23 | (Intranet) 5250 telnet client. | |
FTP | n/a | (Internet or intranet) sendfile command. (Internet or intranet) Server Licensed Internal Code updates using the "FTP site" repository. (Internet or Intranet) HMC Code Updates and network upgrades. (Intranet) HMC network backup/restore. |
|
rsyslog |
udp or tcp 514
tcp 6514 configurable
|
(Intranet) HMC configured to use external rsyslog server. |
Note: This list might vary depending on HMC version, release, and fix level.
The following ports are required for installios, and UI Install VIOS.
SERVICE | PORT Numbers | Inbound Application |
ping | icmp echo | ping test |
rsh | 513-1023 tcp | remote shell |
bootp | 67-68 udp | bootp server |
tftp | 69, 23768-65535 udp | TFTP server |
nfs | 2049 tcp | NFS server |
mountd | 32,768-65535 tcp | NFS server |
portmapper | 111 udp | NFS server |
Examples
An example of a typical configuration is as follows:
o | Firewall between the HMC and remote users: 443, 12443, 2301, 22. |
o | Firewall between HMC and other HMC's/partitions: Bidirectional 657 tcp/udp, 9900 udp, 9920 tcp/udp. |
o | Firewall between the HMC and the Internet: outbound 443. |
o | Firewall between the HMC and the Managed Server: TCP outbound 443, 30000, 30001, 17443; inbound 17443. |
[{"Product":{"code":"SSB6AA","label":"Power System Hardware Management Console Physical Appliance"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"HMC","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Historical Number
376410391
Was this topic helpful?
Document Information
Modified date:
04 December 2023
UID
nas8N1019111