CommuniGate Pro uses various Ports for it’s services.

Below you’ll find the ports which should be opened on a firewall.

Those ports are used with the default setup of CommuniGate Pro.

1) Inbound Ports

Inbound Destination Port Number  /   Service [IP Protocol]

  • 21                   FTP [TCP]
  • 22 FTP DATA [UDP,TCP]
  • 25                  SMTP [TCP]
  • 53                  DNS [UDP,TCP] (to DNS servers only)
  • 69                 TFTP [UDP] (may not be allowed for “Untrusted”)
  • 80                 HTTP [TCP] (WebMail)
  • 110                POP [TCP]
  • 143                IMAP [TCP]
  • 387               LDAP [TCP] (may not be allowed for “Untrusted”)
  • 443               HTTPS [TCP]
  • 465               SMTP SSL [TCP] (Microsoft only)
  • 587               SMTP MSP [TCP]
  • 636               LDAPS [TCP]
  • 674               ACAP [TCP] (may not be allowed for “Untrusted”)
  • 993               IMAPS [TCP]
  • 995               POP3S [TCP]
  • 5060            SIP [UDP,TCP]
  • 5061             SIPS [TCP,UDP]
  • 5222            XMPP [TCP,UDP] (Jabber)
  • 5223            XMPP SSL [TCP,UDP] (Jabber old-style XMPP Encryption)
  • 8010            WebAdmin Interface [TCP]
  • 8021            FTP [TCP]
  • 8100           WebUser Interface [TCP] (WebMail default)
  • 9010           WebAdmin Interface Encrypted [TCP]
  • 9100           WebUser Interface Encrypted [TCP] (WebMail default)
  • 11024         XIMSS [TCP,UDP]
  • 11025         XIMSS SSL [TCP,UDP]
  • 60000-60099     RTP [TCP,UDP]

2) Outbound Ports
All “Source Ports” outbound should be allowed. Since MUAs (Mail User Agents) and SIP UAs (User Agents) can use a Source Port of any port, then outgoing packets should be allowed from the Cluster from any port to any port. All Outgoing Traffic should use a firewall method to “Keep State” on Outbound Packets, so that their Response Packets are safely allowed back in.

3) Inter-Cluster Ports
The CommuniGate Pro Dynamic Cluster communicates (by default) on these ports. IMPORTANT NOTE: Please keep the network as simple as possible between Cluster Nodes. This includes eliminating VIPs and firewalls *between Cluster Nodes* if at all possible, minimizing the chance of network failures – even short failures of less than 1 second can cause Cluster Nodes to separate from the Cluster if those TCP connections (on port 106) are broken.

Inter-Cluster Port Number  / Service [IP Protocol]

  • 21          FTP [TCP]
  • 25         SMTP [TCP]
  • 69         TFTP [UDP]
  • 80        HTTP [TCP]
  • 106      CGP CLI/API [TCP]
  • 110       POP [TCP]
  • 143      IMAP [TCP]
  • 387      LDAP [TCP]
  • 674     ACAP [TCP]
  • 5060   SIP [UDP,TCP]
  • 5222   XMPP [TCP]
  • 8010   HTTP [TCP]
  • 8021    FTP [TCP]
  • 8100    HTTP [TCP]
  • 9010  HTTPS [TCP]
  • 9100   HTTPS [TCP]
  • 11024  XIMSS [TCP]