Вы находитесь на странице: 1из 4

SolarWinds LEM Port and Firewall Requirements

Overview
This page lists the firewall ports that you need to open to allow communication with SolarWinds LEM. Any firewalls that
stand between any two points of communication should allow inbound and/or outbound traffic across the specified ports
to ensure that LEM works properly.

In the table, "inbound" assumes that the LEM VM is behind the firewall, and that firewall rules allow network
traffic through the firewall to the LEM VM.

Environment
All Versions of LEM.

If you use multiple SolarWinds products, see Port requirements for all SolarWinds products.

Details
Port # Protocol Service Direction Description

SSH traffic to the SolarWinds LEM VM. (Port 22 is not


used prior to version 6.3.x.)
22, 32022 TCP SSH Bidirectional
If you need to close either ports 22 or 32022, contact
SolarWinds Support.

SMTP traffic from the SolarWinds LEM VM to your email


25 TCP SMTP Outbound
server for automated email notifications.

Non-secure HTTP traffic from the SolarWinds LEM


console to the SolarWinds LEM VM. (LEM closes this
80, 8080 TCP HTTP Bidirectional
port when activation completes, but you can re-open it
with the CMC togglehttp command.)

Copyright © 1999-2017 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any
means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other
means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain 1
the exclusive property of SolarWinds and its respective licensors.
Standard Windows file sharing ports (NetBIOS Session
Service, Microsoft SMB) that LEM uses to export debug
NetBIOS, files, syslog messages, and backup files.
139, 445 TCP Bidirectional
SMB
The LEM Remote Agent Installer also uses these ports
to install Agents on Microsoft Windows hosts across your
network.

SNMP trap traffic received from devices, and used by the


161, 162 TCP SNMP Bidirectional Orion platform to monitor LEM. (Monitoring LEM on port
161 is not used prior to version 6.3.x.)

LDAP ports that the LEM Directory Service Connector


tool uses to communicate with a designated Active
Directory domain controller.
389, 636 TCP LDAP Outbound
The LEM Directory Service Connector tool uses port 636
for SSL communications to a designated Active
Directory domain controller.

HTTPS traffic from the SolarWinds LEM console to the


LEM VM.
443, 8443 TCP HTTPS Bidirectional
LEM uses these secure HTTP ports after LEM is
activated.

(445) TCP See entry for port 139.

TCP or Syslog traffic from devices sending syslog event


514 Syslog Inbound
UDP messages to the SolarWinds LEM VM.

(636) TCP See entry for port 389.

NetFlow traffic from devices sending NetFlow to the


2100 UDP NetFlow Inbound
SolarWinds LEM VM.

sFlow traffic from devices sending sFlow to the


6343 UDP sFlow Inbound
SolarWinds LEM VM.

(8080) TCP See entry for port 80.

(8443) TCP See entry for port 443.

Copyright © 1999-2017 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any
means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other
means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain 2
the exclusive property of SolarWinds and its respective licensors.
nDepth traffic sent from nDepth to the LEM VM
8983 TCP nDepth Inbound
containing raw (original) log data.

LEM
LEM reports application traffic used to gather LEM
9001 TCP reports Bidirectional
teports data on the LEM VM.
application

(32022) TCP See entry for port 22.

LEM Agent traffic sent from SolarWinds LEM Agents to


LEM
37890-37892 TCP Inbound the SolarWinds LEM VM. (These ports correspond to the
Agents
destination ports on the LEM VM.)

The LEM Manager uses ephemeral ports to send return


traffic from the LEM Manager to the LEM Agents.
Operating systems have different ephemeral port ranges.
When LEM requests an available port, the OS running
LEM the LEM Agent selects an available port number from a
1024 –65535 TCP Outbound
Agents predefined range.

For information about OS-specific ephemeral port


number ranges, see Ephemeral Source Port Selection
Strategies. (© 2017 Team Cymru, available at
https://www.cymru.com/, obtained on October 9, 2017.)

Note: LEM no longer uses the port listed in the following table.

Port # Protocol Service Direction Description

Port 5433 is no longer used. Previously, this port carried traffic from
LEM the SolarWinds LEM reports application to the SolarWinds LEM VM.
5433 TCP Inbound
Reports This was used by versions prior to LEM 5.6, for which support ended
December 2015.

URLs
• To receive connector updates using the automatic connector update function, LEM needs access to the following
URL:
◦ http://downloads.solarwinds.com
• To use the Threat Feeds function and the Automatic Connector Update function In LEM 6.2 and later, LEM needs
access to the following URL:
◦ https://rules.emergingthreats.net/fwrules/

Copyright © 1999-2017 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any
means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other
means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain 3
the exclusive property of SolarWinds and its respective licensors.
Copyright © 1999-2017 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any
means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other
means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain 4
the exclusive property of SolarWinds and its respective licensors.