PORT: difference between revisions
Vasily (talk | contribs) (Correction for ASB ports) |
Vasily (talk | contribs) (Correction of information on PCS(ASB) services) |
||
Строка 28: | Строка 28: | ||
=== Application Server & System Platform Multi-Galaxy === | === Application Server & System Platform Multi-Galaxy === | ||
− | + | '''Для версий от WSP 2014R2 и старше:''' | |
+ | |||
+ | All PCS (ArchestrA Service Bus) communication is based on the Microsoft WCF shared port '''808''' | ||
'''Для версий WSP 2012R2 - 2014:''' | '''Для версий WSP 2012R2 - 2014:''' | ||
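Review bot: The added line "All PCS (ArchestrA Service Bus) communication is based on the Microsoft WCF shared port '''808'''" gives the port without a transport and without a closing period; firewall rules get written from this page, so state it as 808/tcp. The new version heading also sits directly above the existing "WSP 2012R2 - 2014" heading, so say explicitly whether the per-service ports listed under the older heading still have to be opened on the newer versions.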
Строка 51: | Строка 53: | ||
<div id="dc_vk_code" style="display:none"></div> | <div id="dc_vk_code" style="display:none"></div> | ||
− | + | '''Important''': If a Galaxy Repository (GR) has more than one Galaxy, two additional ports must be opened to enable a remote GR to browse to each additional galaxy. For example, two galaxies would require ports 7500, 7501, 7502, and 7503 to be open. Three galaxies would require ports 7500-7505 to be open | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
== Historian == | == Historian == |
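Review bot: The added "Important" note never states the single-galaxy baseline; its examples (two galaxies: 7500-7503, three galaxies: 7500-7505) imply 7500 and 7501 for the first galaxy, so say that outright, for instance as "N galaxies need ports 7500 through 7500+2N-1". The note is also placed right before "== Historian ==" without naming the service or the product versions the 7500 range belongs to, and its last sentence is missing the final period.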
Current revision as of 12:10, 31 July 2020
Contents
- 1 How to check whether a port is open?
- 2 Application Server & System Platform
- 3 Historian
- 4 InTouch to InTouch communications (view.exe) and Distributed Alarm System / Alarm Query (Alarmmgr.exe)
- 5 Historian Client
- 6 Wonderware Information Server (WIS)
- 7 Manufacturing Execution System (MES)
- 8 InTouch Access Anywhere
- 9 License Server (up to and including SP 2014R2)
- 10 License Server (SP 2017, SP 2020)
- 11 Schneider Electric Floating License Manager (for Citect)
- 12 DA Server and DI Objects
- 13 Microsoft Remote Desktop Protocol
- 14 InBatch
- 15 Ampla
- 16 Skelta
- 17 Other - recommended
- 18 Description of some ports
- 18.1 ICMP
- 18.2 53 TCP/UDP
- 18.3 88 TCP
- 18.4 123 UDP
- 18.5 135 TCP
- 18.6 137 UDP
- 18.7 138 UDP
- 18.8 139 TCP
- 18.9 389 TCP
- 18.10 445 TCP
- 18.11 808 TCP
- 18.12 1024-65000 TCP
- 18.13 1235
- 18.14 1240
- 18.15 1433 TCP
- 18.16 1434 UDP
- 18.17 3389 TCP
- 18.18 5026 TCP
- 18.19 5413 TCP
- 18.20 6000-6050 TCP
- 18.21 7321
- 18.22 8001
- 18.23 8889
- 18.24 8890
- 18.25 8199, 9001-9012, 9015, 9016 TCP
- 18.26 9013, 9014 UDP
- 18.27 30000
- 18.28 30001
- 19 Sources
- 20 Other topics
How to check whether a port is open?
Scan it, for example with Free Port Scanner (freeware); see the developer's site: http://www.nsauditor.com/network_tools/free_port_scanner.html
Application Server & System Platform
The DCOM Ports used by the Bootstrap are:
- Port 135/tcp
- Port 139/tcp
- File and printer sharing 445/tcp
- Ports 1024 to 65535 TCP (for versions earlier than 2014R2 P01)
- Ports 49152 to 65535 TCP (for versions 2014R2 P01 and later)
SQL Ports
- SQL TCP 1433/tcp
- SQL Server Browser 1434/udp
Other
MxPort (NMXSVC) 5026 TCP Outbound Archestra Communication Channel. Peer-to-Peer, bi-directional between all ArchestrA-enabled nodes.
Redundancy Primary Channel Port (PMC) 30000 TCP The port used by the failover service to manage heartbeats with the standby engine over the primary network.
Redundancy Message Channel Port (RMC) 30001 TCP The port used by the redundancy message channel to synchronize data with a standby engine.
Application Server & System Platform Multi-Galaxy
For versions WSP 2014R2 and later:
All PCS (ArchestrA Service Bus) communication is based on the Microsoft WCF shared port 808.
For versions WSP 2012R2 - 2014:
- ASBGRBrowsing Service 7500 (default, configurable)
- ASBMxDataProvider Service 3572 (default, configurable)
- ASBAuthentication Service 7779 (default, configurable)
- Local Discovery Server 9111
- Primary Local Galaxy 9110
- Secondary Local Galaxy Server 9210
- Primary Cross Galaxy Server 9310
- Secondary Cross Galaxy Server 9410
- Galaxy Pairing 7085
- Configuration Service 6332
- Content Provider Service 6011
- Deploy Agent Service 6533, 6633
- Service Manager Service 6111, 6113
- System Authentication Service 9876
Source: Tech Note 556 Port Configuration List for System Platform 2012 R2 Multi-Galaxy Environment
Important: If a Galaxy Repository (GR) has more than one Galaxy, two additional ports must be opened to enable a remote GR to browse to each additional galaxy. For example, two galaxies would require ports 7500, 7501, 7502, and 7503 to be open. Three galaxies would require ports 7500-7505 to be open.
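An added example (not from the original page or from the vendor's documentation): a Python connectivity check for the Application Server TCP ports listed above, including the ASBGRBrowsing ports for a GR with several galaxies, which separates "no listener" from "dropped by a firewall". The function names are hypothetical, and the one-galaxy baseline of 7500-7501 is inferred from the page's two- and three-galaxy examples.

```python
import socket

# TCP ports this page lists for Application Server nodes
# (the DCOM dynamic range is left out because it is too wide to probe usefully).
BASE_TCP = {135: "RPC/DCOM", 139: "NetBIOS session", 445: "File and printer sharing",
            1433: "SQL Server", 5026: "MxPort (NMXSVC)",
            30000: "Redundancy PMC", 30001: "Redundancy RMC"}

def gr_browse_ports(galaxies, first=7500):
    """ASBGRBrowsing ports (WSP 2012R2 - 2014): two per galaxy, starting at 7500.
    Assumption: a single galaxy uses 7500-7501, inferred from the page's examples."""
    if galaxies < 1:
        raise ValueError("at least one galaxy is required")
    return list(range(first, first + 2 * galaxies))

def probe(host, port, timeout=1.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"    # host answered with a reset: the service is not listening
    except OSError:
        return "filtered"  # timeout or unreachable: check the firewall rules on the path
    finally:
        s.close()

def audit(host, galaxies=1, timeout=1.0):
    """Probe the listed ports on one node; returns {port: (name, state)}."""
    ports = dict(BASE_TCP)
    ports.update({p: "ASBGRBrowsing" for p in gr_browse_ports(galaxies)})
    return {p: (name, probe(host, p, timeout)) for p, name in sorted(ports.items())}

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port, (name, state) in audit(host, galaxies=2).items():
        print(f"{port:>5}/tcp  {state:<8}  {name}")
```

A "closed" result points at a stopped service on the node, while "filtered" points at a firewall between the two nodes.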
Historian
- File and printer sharing 445/tcp
- SQL Server Browser 1434/udp
- SQL TCP 1433/tcp/udp
- Remote IDAS uses 135...139 (TCP/UDP) and Port 445 (TCP and UDP)/udp
- For data replication to tier-2: 32568 (TCP) by default
Source: Tech Note 464 Port Considerations for Wonderware Historian
IDAS
135...139 TCP/UDP 445 TCP/UDP
Remote IDAS
135...139 (TCP/UDP) 445 (TCP/UDP)
MDAS
135 TCP/UDP
HCAL / HCAP
32568
Ports for Replication
This can be an integer between 1 and 65535. The default is 32568.
InTouch to InTouch communications (view.exe) and Distributed Alarm System / Alarm Query (Alarmmgr.exe)
SuiteLink 5413
Historian Client
To retrieve data from the Historian server, Historian Client uses port 1433; alternatively, communication with the Historian server must be configured over HTTP.
For SQL Server to handle requests over HTTP, SQLXML must be set up.
- see Information Server
- Tech Note 498 Installing SQLXML on Wonderware Information Server 3.0
SQL TCP 1433/tcp
Wonderware Information Server (WIS)
see also Information Server
80 - default, configurable port; required for client access through Internet Explorer
To open Historian Client from Internet Explorer, the port to SQL (1433) must be open, or communication with the Historian server must be configured over HTTP.
For SQL Server to handle requests over HTTP, SQLXML must be set up.
SQL TCP 1433/tcp
Manufacturing Execution System (MES)
The following table lists the port name and corresponding port numbers that are included in the Windows Firewall exceptions list for the Wonderware MES 2014.
- 5413
- 1433 SQL TCP
- 1434 SQL Server Browser
- 80 HTTP
- 8099 TCP
The list of application names that are included in the Windows Firewall exceptions list for the Wonderware MES 2014 is as follows:
- DANSrv.exe
- OpcEnum.exe
- Microsoft SQL Server
- Microsoft Distributed Transaction Coordinator (MSDTC)
- dllhost.exe
- Source: readme.html in the root of the distribution
InTouch Access Anywhere
8080 - default, configurable port; required for client access through a browser
License Server (up to and including SP 2014R2)
The license server uses a default TCP/IP port range 27000-27009.
License Server (SP 2017, SP 2020)
- 55555 (TCP) Licensing License Server Core Service
- 59200 (TCP) Licensing License Server Agent HAL
Schneider Electric Floating License Manager (for Citect)
- 8090 Web Port (can be changed)
- 27011 License Server Port (can be changed)
- 27010 Vendor Daemon Port (can be changed)
DA Server and DI Objects
- DAS SI Direct 102
- DAS MBTCP 502
- DAS ABTCP 2221
- DAS ABTCP 2222
- DAS ABTCP 2223
- S/L DA Servers 5413
- DAS ABCIP 44818
Microsoft Remote Desktop Protocol
TCP 3389 - default
InBatch
- TCP port numbers for Wonderware InBatch: 8199, 9001 to 9012, 9015, and 9016.
- UDP port numbers for Wonderware InBatch: 9013 and 9014.
- vista 9001/tcp
- EnvMngr 9002/tcp
- MsgMngr 9003/tcp
- SecMngr 9004/tcp
- RedMngr 9006/tcp
- UnilinkMngr 9007/tcp
- BatchMngr 9008/tcp
- LogMngr 9011/tcp
- InfoMngr 9012/tcp
- RedMngrX 9013/udp
- RedMngrX2 9014/udp
- HistQMngr 9015/tcp
- HistQReader 9016/tcp
Ampla
- 808 WCF Services (TCP Binding)
- 1235 Ampla™ Operations Management
- 1240 Health Monitoring (if enabled)
- 7321 Ampla™ Operations Management Notification Client
- 8001 Ampla™ Operations Management Studio
- 8889 WCF Services (HTTP Binding)
- 8890 Real-Time Communications
Skelta
- Advance Server Services with Multicast IP address 225.0.0.10
- 8850 (multicast port) This port is used to check the connectivity between all the machines while running the Enterprise Edition.
- 8853 (tcp port) Communication between the Workflow Engine and the Advance Server service is established through this port. This port is used to get the status of the least used server, and also analyze server performance.
- Workflow Engine
- 8853 (load balance server port) This is the port on which the Advance Server service listens to the registration from other services.
- 8859 (load balance client port) This is the port on which the Advance Server client services listen to the events.
- 8855 This is the port on which the Workflow Engine listens to client requests.
- SMTP services
- 25 (smtp port) This is the default port for sending e-mails.
- 27975 (file watcher port)
- Communication services
- 8770 (listener port)
- 110 (pop-mail port) This is the default port for receiving emails.
- Task Scheduler services
- 8853 (load balance server port) This is the default port for the Load Balanced Server.
- 8860 (load balance client port) This is the default port for the Load Balanced Client.
- 8856
- Quick Launch EXE
- 8866 This is the default port used by the AVEVA Workflow Management Quick Launch EXE.
- License Server Port
- 55555 This is the default port used by the License Server. Ensure that you enter a valid port number.
- Client service
- 8863 (listener port) Default listener port for the Client service. This can be changed in CentralConfig.xml file located at the root of the installation folder.
- The following table lists the ports used by AVEVA Workflow Management services, when the Work Tasks Pro application is used outside Corporate Network.
- Workflow Engine
- 9350, 9351, 9352, 9353 (SB Over TCP) This is the port on which the Workflow Engine communicates with Service Bus for the Work Tasks Pro application.
- Communication services
- 9350, 9351, 9352, 9353 (SB Over TCP) This is the port on which the Workflow Engine communicates with Service Bus for the Work Tasks Pro application.
- Push Notification service
- 80/443(http/https) This is the port on which AVEVA Workflow Management communicates with the Push Notification servers.
- Workflow Engine
Source: http://sun.skelta.com/#ports
Skelta DTC
- 135 RPC EPM (end point mapper)
- 1433 TDS SQL traffic when using TCP/IP
- 1434 SQL 2000 Integrated Security
- 5100 - 5200 MSDTC (Dynamically assigned a port by the EPM)
Source: http://sun.skelta.com/#181613
Other - recommended
ICMP
Description of some ports
Source: Securing Application Server Systems
ICMP
PING ICMP Protocol Type 8
- Between all ArchestrA-enabled nodes.
53 TCP/UDP
DNS UDP 53, TCP 53
- Domain Name Service. From client to DNS Server.
88 TCP
KERBEROS TCP 88 Authentication
123 UDP
NTP UDP 123
- Time Synchronization. From Client to Domain controller(s) or time master.
135 TCP
RPC DCE TCP 135 Outbound
- Outbound DCOM. Peer-to-Peer, bidirectional between all ArchestrA-enabled nodes.
137 UDP
NETBIOS NameService UDP 137 Send/Receive
Name Service/Browsing.
- From WAS to WINS Server or Browse Master or Domain Master Browser.
138 UDP
NETBIOS Datagram UDP 138 Send
Name Service/Browsing.
- From WAS to Browse Master or from Browse Master to Domain Master Browser.
139 TCP
NETBIOS Session TCP 139 Outbound
- Server Message Block (SMB). Used to implement Windows networking from WAS to the Domain Controller if applicable.
389 TCP
LDAP TCP 389
- Active Directory Domain, from client to Domain Controller(s).
445 TCP
CIFS TCP 445
Outbound
- File serving, deploying. From IDE to WAS.
808 TCP
808 WCF Services (TCP Binding). All ArchestrA Service Bus communication is based on the Microsoft WCF shared port
1024-65000 TCP
SUITELINK TCP 5413
TCP 1024-65000 (see note below)
- SuiteLink: InTouch, IO Server communication. SuiteLink establishes a secondary connection in the disclosed port range. Stateful packet inspection firewalls handle this operation automatically.
1235
1235 Ampla™ Operations Management
1240
1240 Health Monitoring (if enabled)
1433 TCP
SQL Server TCP 1433 Inbound
- Inbound SQL Server. From SQL Server to Client.
SQL Client TCP 1433 Outbound
- SQL Client. From Client to SQL Server.
1434 UDP
SQL Browser UDP 1434 Send/Receive
- Send/Receive. Only if implementing SQL Server instances.
3389 TCP
Microsoft Remote Desktop Protocol. Port 3389 TCP is used by default.
5026 TCP
NMXSVC TCP 5026 Outbound
- Outbound Archestra Communication Channel. Peer-to-Peer, bi-directional between all ArchestrA-enabled nodes.
5413 TCP
SUITELINK TCP 5413
TCP 1024-65000 (see note below)
- SuiteLink: InTouch, IO Server communication. SuiteLink establishes a secondary connection in the disclosed port range. Stateful packet inspection firewalls handle this operation automatically.
6000-6050 TCP
RPC Dynamic Port Range TCP 6000-6050* Outbound
- Custom range. Peer-to-Peer, bi-directional between all ArchestrA-enabled nodes.
7321
7321 Ampla™ Operations Management Notification Client
8001
8001 Ampla™ Operations Management Studio
8889
8889 WCF Services (HTTP Binding)
8890
8890 Real-Time Communications
8199, 9001-9012, 9015, 9016 TCP
TCP port numbers for Wonderware InBatch
9013, 9014 UDP
UDP port numbers for Wonderware InBatch
30000
PMCPort 30000
30001
SMCPort 30001
Sources
- Tech Note 464 Port Considerations for Wonderware Historian https://softwaresupportsp.aveva.com/#/okmimarticle/docid/tn464
- Tech Note 470 Wonderware System Platform FAQs for IT Professionals https://softwaresupportsp.aveva.com/#/okmimarticle/docid/tn470
- (outdated) Tech Note 482 Troubleshooting Wonderware Application Server Bootstrap Communications https://softwaresupportsp.schneider-electric.com/#/okmimarticle/docid/tn482
- Tech Note 556 Port Configuration List for System Platform 2012 R2 Multi-Galaxy Environment https://softwaresupportsp.aveva.com/#/okmimarticle/docid/tn556
- TN10402 Ports required for System Platform 2017 Update 3 https://softwaresupportsp.aveva.com/#/okmimarticle/docid/tn10402
- Security Settings for Wonderware Products https://softwaresupportsp.schneider-electric.com/#/okmimarticle/docid/tn1026
- Blog article: Troubleshooting Application Server processes http://blog.archestra.info/%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B4-tn-508-%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC-%D1%81-%D0%BF%D1%80%D0%BE%D1%86%D0%B5%D1%81%D1%81%D0%B0%D0%BC/