Product Documentation

Firewall requirements for Services Manager

Sep 14, 2015
Updated: 2014-08-15

Services Manager requires specific firewall ports be open to support communication between platform components. The following diagram illustrates the required ports and the platform components that use each port in an environment that includes a primary location and a remote location.

localized image
The following table lists the default connectivity configuration between the Services Manager roles. Configure these before installing the roles.
Traffic/Port From To Purpose
TCP 8095 Web Server Provisioning Engine Authenticate users and read-time Active Directory lookups
MSMQ*, HTTP, or HTTPS Web Server Provisioning Engine Provisioning request
TCP 1433** Provisioning Engine SQL Server Access to provisioning rules, write statistics
TCP 1433** Web Server SQL Server Access to customer and user information
TCP 80 Web Server SQL Reporting Services server Access to SQL Reporting Services
TCP 443 Web Server, All domain servers Encryption Service server Allow secure retrieval of encryption keys

* MSMQ comprises several ports, as specified by Microsoft.

** The supported SQL versions use TCP 1433 only for the default instance; other named instances use a dynamically assigned port. If your installation is not the default instance and a firewall separates the SQL server from the other Services Manager roles, you must override the dynamic behavior by allocating a specific port.