I have listed the “Dell EMC Unity firewall ports for user access, management and replication”. Recently, I got a task to set up async replication between Dell Unity arrays. The replication interfaces were in the green zone, but the management interfaces were behind the firewall.
I was wondering which ports would be required to make the replication connection work across the firewall. I exported this list from the Dell support site and categorized it to help someone like me in the same situation.
Depending on your needs, you can open these ports on the firewall and set up management or replication across Unity arrays.
Ports required for Unity Administration
Port | Protocol | Service | Comments | Usage | Applicable to |
80 | TCP | HTTP | Used for HTTPS management traffic by Management IP WebUI. Authentication based on local CS users. | Administration (occasional) | Management IP |
123 | TCP/UDP | NTP | Network Time Protocol | Administration (occasional) | Management IP / NAS Server |
443 | TCP | HTTPS | Used for HTTPS management traffic by Management IP WebUI. Authentication based on local CS users. | Administration (occasional) | Management IP |
4658 | TCP | PAX | Portable Archive Interchange (PAX) service is used for tape backup functionality | Administration (frequent) | NAS Server |
8000 | TCP | HTTP | Used for HTTPS management traffic by Management IP WebUI. Authentication based on local CS users. | Administration (occasional) | Management IP |
8443 | TCP | HTTPS | Used for HTTPS management traffic by Management IP WebUI. Authentication based on local CS users. | Administration (occasional) | Management IP |
9443 | TCP | HTTPS | Used for HTTPS management traffic by Management IP WebUI. Authentication based on local CS users. | Administration (occasional) | Management IP |
Ports required for Dell Unity End-user access
Port | Protocol | Service | Comments | Usage | Applicable to |
53 | TCP/UDP | DNS | Domain Name Services | Administration (occasional); End User Access (frequent) | Management IP / NAS Server |
88 | TCP/UDP | Kerberos Ticket | Active Directory | Administration (occasional); End User Access (frequent) | Management IP / NAS Server |
135 | TCP | rcpbind | iSCSI | End User Access (frequent) | Management IP / NAS Server |
137 | UDP | NETBIOS Name Service | Needed for CIFS. | End User Access (frequent) | NAS Server |
138 | UDP | NETBIOS Datagram Service | Needed for CIFS / iSCSI | End User Access (frequent) | Management IP / NAS Server |
139 | TCP | NETBIOS Session Service | Needed for CIFS. | End User Access (frequent) | NAS Server |
389 | TCP/UDP | LDAP | Needed for NFSV4 / CIFS. | End User Access (frequent) | Management IP / NAS Server |
445 | TCP | Microsoft-DS | SMB/CIFS | End User Access (frequent) | Management IP / NAS Server |
464 | TCP/UDP | Kerberos Password | SMB/CIFS | End User Access (frequent) | Management IP / NAS Server |
1234 | TCP/UDP | mount | Needed for NFS. | End User Access (frequent) | NAS Server |
2049 | TCP/UDP | NFS | Needed for NFS. | End User Access (frequent) | NAS Server |
3260 | TCP | iSCSI | iSCSI Software Target Service. | End User Access (frequent) | Management IP |
3268 | UDP | LDAP | Needed for NFSV4 / CIFS. | End User Access (frequent) | Management IP / NAS Server |
Dell Unity service notification ports
Port | Protocol | Service | Comments | Usage | Applicable to |
25 | TCP | SMTP | Simple Mail Transfer Protocol | Service Notification (frequent) | Management IP / NAS Server |
162 | TCP | SNMP2 | Simple Network Management Protocol | Service Notification (frequent) | Management IP / NAS Server |
199 | UDP | SNMP2 | Simple Network Management Protocol | Service Notification (frequent) | Management IP / NAS Server |
Dell Unity System functionality ports
Port | Protocol | Service | Comments | Usage | Applicable to |
5080 | TCP | HTTP | HTTP is used as a transport medium for Filemover (ILM policy engine to DM; HTTP digest authentication) | System Functionality (frequent) | Management IP |
5085 | TCP | RCP | Used by A-sync replication as Destination Control Port. | System Functionality (frequent) | NAS Server |
10000 | TCP | NDMP | Network Data Management Protocol. Can be disabled if NDMP tape backup is not implemented. Authenticated service. | System Functionality (frequent) | NAS Server |
32768 | TCP/UDP | statd | Dynamically allocated. | System Functionality (frequent) | Management IP / NAS Server |
39494 | TCP/UDP | lockd | Dynamically allocated. | System Functionality (frequent) | Management IP / NAS Server |
49152 – 65335 | TCP/UDP | statd, rquotad, lockd, MAC, NFS client, NIS server | Dynamic/Private | System Functionality (frequent) | Management IP / NAS Server |
Dell Unity Async and Sync Replication ports
Async replication ports on Unity
Interface | Protocol | Port |
Unisphere mgmt IP | TCP | 443 |
Replication | TCP | 5085 |
Replication | TCP | 8888 |
Sync replication ports on Unity
Interface | Protocol | Port |
Unisphere mgmt IP | TCP | 443 |
Replication | TCP | 5085 |
It’s not advisable to keep replication interfaces behind a firewall. If only your Unity management IPs are behind a firewall, you can ask your firewall team to open TCP port 443 bidirectionally, so that the array can discover the Unity array at the other site and establish the replication connection. Make sure your replication interfaces are in the green zone.
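Once the firewall change is in place, the replication path can be checked before creating the replication connection. The script below is an added example, not part of the original post or any Dell tooling: it probes the ports from the two replication tables above and separates ports that time out (typically dropped by a firewall) from ports that answer with a reset. The function names and the sample addresses are assumptions made for illustration.

```python
import socket

# Port matrix taken from the async and sync replication tables on this page.
REPLICATION_PORTS = {
    "async": [("mgmt", 443), ("replication", 5085), ("replication", 8888)],
    "sync": [("mgmt", 443), ("replication", 5085)],
}


def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt as 'open', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # A reset came back: the path exists but nothing accepts on this port
        # (or a firewall is rejecting instead of dropping).
        return "refused"
    except OSError:
        # Timeout, unreachable or unresolvable: typical of a silent drop.
        return "filtered"


def check_replication_path(mode, remote_mgmt_ip, remote_repl_ips, probe_fn=probe):
    """Probe every port the chosen replication mode needs on the remote array."""
    results = []
    for iface, port in REPLICATION_PORTS[mode]:
        targets = [remote_mgmt_ip] if iface == "mgmt" else remote_repl_ips
        for host in targets:
            results.append((iface, host, port, probe_fn(host, port)))
    return results


def blocked(results):
    """Return only the rows a firewall change request would need to cover."""
    return [row for row in results if row[3] != "open"]


if __name__ == "__main__":
    # Constructed addresses from the RFC 5737 documentation ranges.
    rows = check_replication_path("async", "192.0.2.10",
                                  ["198.51.100.21", "198.51.100.22"])
    for iface, host, port, state in rows:
        print(f"{iface:<12} {host:<15} tcp/{port:<5} {state}")
    print(f"{len(blocked(rows))} of {len(rows)} paths not open")
```

Because TCP 443 has to be open in both directions, run the check from a host in each site's management network against the other site's array.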
Dell Unity troubleshooting ports
Port | Protocol | Service | Comments | Usage | Applicable to |
20 | TCP | FTP | FTP data transfer port. Close port by disabling FTP. | Troubleshooting (frequent); End User Access (infrequent) | Management IP / NAS Server |
21 | TCP | FTP | FTP control port. FTP listens on this port for incoming requests. Disable via netd file. | Troubleshooting (frequent); End User Access (infrequent) | Management IP / NAS Server |
22 | TCP | SSH | Remote access to system | Troubleshooting (frequent) | Management IP |
Conclusion
The above list covers approximately all Dell EMC Unity firewall ports with functionality details. Let me know in the comments if you find any port that is missing or should be included.
See you soon in some other helpful post.