- NuGenesis 9 SDMS
- NuGenesis 9 LMS
Various services and devices in NuGenesis listen for traffic on the following ports:
- TCP 21: the default port for FTP sites. NuGenesis uses FTP sites for managed storage and for the downloadable SDMS components.
- TCP 80: the default port for the LMS web server and nonsecure SampleShare
- UDP 161: the default port for the SNMP service. This port is optional, necessary only if the NuGenesis server is monitored by SolarWinds.
- TCP 443: the default port for the SDMS WebVision site and the secure SampleShare site
- TCP 444: the default port for the new SDMS Audit Trail viewer web client introduced in NuGenesis 9.1
- TCP 445: the port for the Windows Server Message Block 2 (SMB2) protocol. This port must be open on any machine that is accessed by the Archive Agent or Data Management modules for NuGenesis SDMS File Capture.
- TCP 515: the listener port for the Line Printer Daemon (LPD) service. NuGenesis UNIFYps uses this service to receive print jobs from Unix and Linux machines.
- TCP 1001: the default port for Tibbo device servers. This port must be open on any network firewalls between the Tibbo devices and the LMS clients. The port number can be changed within individual Tibbo devices using the Tibbo DS Manager software.
- TCP 1521: the default port for the Oracle Database TNS Listener service
- TCP 2500-2504: the default ports for the NuGenesis RPC service. See the article How to change the port number for the NuGenesis SDMS RPC service.
- TCP 8080: the default port for the Apache Tomcat service
- TCP 8180: the default port for the NuGenesis LMS Server
- TCP 8181: the default HTTP listener port for the Waters Database Manager. This port is used only if the WDM software is installed on the NuGenesis database
- TCP 9992 and 9993: the default ports for the Empower data adapters
- TCP 9996 and 9997: the default ports for the Chromeleon data adapters
- TCP 12020: the port used for communication between the NuGenesis VISION listener process (ng80wvls.exe) and local or remote VISION daemons
- TCP 54822: the default port used for the new SDMS Audit Trail web server introduced in NuGenesis 9.1
- TCP 61616 and 63637: the listener ports for the NuGenesis instrument agents
NuGenesis clients use the ports listed above as destination ports when connecting to the servers. The source port is often a pseudo-random number in the range 49000 to 65535. The server uses that source port as the destination port in its reply to the client. This is the normal and expected behavior of TCP/IP networking.
For example, when a NuGenesis LMS server connects to a NuGenesis Oracle database, it connects to the database's listener port, typically 1521, and the source port is in the number range noted above. The database, in its reply, has its source port as 1521, and the destination port is the source port used by the LMS server.
Any firewalls installed in the network should not block NuGenesis traffic based on the source port number. The source port cannot be predicted and is a poor choice for filtering network traffic. The best practice is to control access to the servers through their listener ports (as listed above) and, optionally, by source IP ranges. In other words, firewalls should allow traffic to the NuGenesis servers only through the listener port numbers and, secondarily, only from source IP addresses that should connect to the server. For example, a NuGenesis database could be configured to allow traffic only on port 1521 and, optionally, only from the IP addresses of the NuGenesis application servers (Web, File Capture, LMS). A NuGenesis LMS application server should allow traffic on port 8180 and, optionally, only from the IP ranges of the users' client machines.