Default Ports for Change Guardian Server

  • 7018005
  • 01-Sep-2016
  • 01-Sep-2016

Environment

NetIQ Change Guardian 4.1
NetIQ Change Guardian 4.2

Situation

What ports are required for Change Guardian Server and Agent communication?
What ports are required for Change Guardian Agent to communicate with the CG Server?

Resolution

The Change Guardian Server requires the following ports: 
8094 Inbound Required Port Allows the Change Guardian Server to accept connections from agents that retrieve their assigned monitor policies.
8443 Inbound Required Port Allows the Change Guardian Server to receive events from monitored assets.
389 or 636 Outbound Required Port Enables the LDAP authentication and the expansion of Active Directory groups.  The port initiates a connection to the LDAP Server.
25 Outbound Optional Default email port.  This port may be different based on the specific email implementation.
54984 Inbound Optional Used by the Sentinel Appliance Management Console (WEBYAST).  Also used by the Sentinel appliance for the update Service. 
443 or 80 Outbound Optional WebYast initiates a connection to either the NetIQ appliance update repository  (https://nu.novell.com) or a subscription management tool service location on your network.
9094 Inbound Required Allows the Change Guardian Server to call JAVOS on this port to (loopback) signal/reset the event destination cache.
9095 Inbound Required Allows users to see runtime metrics and active threads.
(loopback)
8082 Inbound Required  Allows the CAM Service to connect from the agent to request the agent software. (version 4.2) 

The Change Guardian Agent Ports: 
8094  Inbound Required Allows the Policy Editor to connect to the agent to browse objects on the monitored asset. (Windows)
8094 Outbound Required Allows the agent to connect to the Change Guardian Server to retrieve assigned monitoring policies and heartbeat. 
8443 Outbound Required Allows the agent to connect to the Change Guardian Server or Sentinel to send events. 
2620 Inbound Optional  Allows the Policy Editor to connect to the agent to browse objects on the monitored asset. (Unix)


Cause

Connection or communication issues before, during or after an installation of Change Guardian. 

Additional Information

The ports listed above are hard coded into the product and cannot be modified.  

Feedback service temporarily unavailable. For content questions or problems, please contact Support.