TCP and UDP Port Values Used for Reflection Connections

  • 7021759
  • 18-Dec-2003
  • 01-Apr-2018

Environment

Reflection for IBM version 14.x
Reflection for HP version 14.x
Reflection for ReGIS Graphics version 14.x
Reflection for UNIX and OpenVMS version 14.x
Reflection X version 14.x
Reflection FTP Client version 14.x
Reflection LPD version 14.0 through 14.0 SP7

Situation

This technical note lists the TCP and UDP ports used by Reflection applications and components. This information is useful for troubleshooting, and when configuring a firewall to allow Reflection connections.

Resolution

Important Security Notes:

  • Creating a secure network environment is a complex task involving many custom elements designed to fit your individual network environment and security needs. The information provided in this note does not include all necessary security options for your environment. This information is designed only to provide Reflection customers with a framework on which to start building individual security environments.
  • When configuring a firewall, be as restrictive as possible. Open only ports and IP protocols that are necessary for the connection types you intend to use, and be specific about whether the connection should be incoming or outgoing. The direction of the connection depends on where the connection is initiated and the protocol in use. For example, an active FTP connection requires the initiating computer to have outgoing port 21/tcp (command channel) and incoming port 20/tcp (data channel) open.
  • The lists below specify only default Reflection ports. Depending on your network environment, you may need to configure additional port values.

Port Values

The tables below detail the port values for service protocols supported by the following Reflection applications. Whether or not the port should be configured for incoming or outgoing data depends on where the connection is initiated from and your network configuration.

Reflection Windows-Based Applications—Includes Reflection for IBM, Reflection for UNIX and OpenVMS, Reflection for ReGIS Graphics, and Reflection for HP.
Reflection PC X Server and NFS Client Applications—Includes Reflection X, Reflection NFS Client.
Reflection Components—Includes Reflection FTP, Reflection TimeSync, Reflection Line Printer Daemon (LPD), Reflection Ping.

The values used by Reflection are IANA (Internet Assigned Numbers Authority) and other standard values.

Reflection Windows-Based Applications

The following ports and service protocols are used in Reflection for IBM, Reflection for UNIX and OpenVMS, Reflection for ReGIS Graphics, and Reflection for HP.

Application abbreviation key:

RIBM - Reflection for IBM
RUO - Reflection for UNIX and OpenVMS
RRG - Reflection for ReGIS Graphics
RHP - Reflection for HP
    Port /
    IP Protocol

    Service
    Protocol

    Comment
    RIBM
    RUO
    RRG
    RHP
    20/tcp
    FTP-data
    Data channel
     
    X
    X
    X
    21/tcp
    FTP
    Command channel
     
    X
    X
    X
    22/tcp
    SSH
    Secure Shell, sftp, scp
     
    X
    X
    X
    23/tcp
    Telnet
    Telnet; TN3270; TN3270; TN5250
    X
    X
    X
    X
    42/tcp
    Nameserver
    Hostname to IP address
    X
    X
    X
    X
    53/udp/tcp
    DNS
    Domain Name Services
    X
    X
    X
    X
    80/tcp
    HTTP
    Unsecure HTTP via Reflection Web Launch and Reflection for the Web
    X
    X
    X
    X
    88/udp/tcp
    Kerberos
    Kerberos authentication
    X
    X
    X
    X
    443/udp/tcp
    https
    Secure http via Reflection Web Launch and Reflection for the Web
    X
    X
    X
    X
    443/udp/tcp
    kpasswd
    Kerberos password changing (kpasswd daemon)
    X
    X
    X
    X
    513/tcp
    login
    rlogin
     
    X
    X
    X
    749/udp/tcp
    kerberos-adm
    Kerberos password changing (v5passwdd daemon)
    X
    X
    X
    X
    992/tcp
    telnet
    SSL-secured Telnet
    X
    X
    X
    X
    1080/udp/tcp
    socks
    SOCKS
    X
    X
    X
    X
    1024-5000
    VAXLINK2 FFT
    Fast file transfer
     
    X
    X
    X
    1530
    1537

    NS/VT
    Network Services, Virtual Terminal
     
    X
    X
    X
    1649/udp/tcp
    kermit
    Kermit file transfer
     
    X
    X
    X
    8471/tcp
    lipi
    AS/400 LIPI file transfer
    X
     
     
     
    8476/tcp
    lipi
    AS/400 signon server port
    X
     
     
     
    8478/tcp
    ehntfw
    AS/400 EHNTFW file transfer
    X
     
     
     
    30000-40000
    PCLINK FFT
    Fast file transfer
     
    X
    X
    X

Reflection PC X Server and NFS Client Applications

The following ports and service protocols are used in Reflection X and Reflection NFS Client.

Note the following:

  • Reflection X XDMCP broadcasts and Reflection NFS Client connections do not use well-known port numbers and can not be used through a firewall.
  • Beginning in version 14.1, the Reflection NFS Client is no longer available.

Application abbreviation key:

RX - Reflection X
NFS - Reflection NFS Client
    Port /
    IP Protoco
    l

    Service
    Protocol

    Comment
    RX
    NFS
    22/tcp
    SSH
    Secure Shell, sftp, scp
    X
     
    23/tcp
    Telnet
    Telnet; TN3270; TN3270; TN5250
    X
     
    42/tcp
    Nameserver
    Hostname to IP address
    X
    X
    53/udp/tcp
    DNS
    Domain Name Services
    X
    X
    80/tcp
    HTTP
    Unsecure HTTP via Reflection Web Launch and Reflection for the Web
    X
     
    88/udp/tcp
    Kerberos
    Kerberos authentication
    X
     
    111
    Sunrpc
    Portmapper
     
    X
    177/udp
    XDMCP Broadcast
    X Display Manager
    X
     
    443/udp/tcp
    https
    Secure http via Reflection Web Launch and Reflection for the Web
    X
     
    443/udp/tcp
    kpasswd
    Kerberos password changing (kpasswd daemon)
    X
     
    512/tcp
    exec
    rexec
    X
     
    513/tcp
    login
    rlogin
    X
     
    514/tcp
    shell
    rsh
    X
     
    635/udp
    mount
    NFS mount service
     
    X
    640/udp
    pcnfs
    PC-NFS DOS authentication
     
    X
    731/udp
    733/udp

    ypserv
    NIS server and binder processes
     
    X
    732/tcp
    ypserv
    NIS server and binder processes
     
    X
    749/udp/tcp
    kerberos-adm
    Kerberos password changing (v5passwdd daemon)
    X
     
    1080/udp/tcp
    socks
    SOCKS
    X
     
    2049/udp/tcp
    nfsd
    NFS file service
     
    X
    6000/tcp
    X Protocol
    Incoming ports for RX clients
    X
     
    7000/tcp
    fs
    X font server
    X
     
    7100/tcp
    xfs
    X font server
    X
     

Reflection Components

The following ports and service protocols are used in Reflection FTP, Reflection TimeSync, Reflection Line Printer Daemon (LPD), and Reflection Ping.

Note: Beginning in version 14.1, the following components are no longer available: TimeSync, LPD, and Ping. If you have any of these utilities installed on your system, they are removed when you upgrade to 14.1.

Component abbreviation key:

RFTP - Reflection FTP
LPD - Reflection Line Printer Daemon
Port /
IP Protocol

Service
Protocol

Comment
RFTP
TimeSync
LPD
Ping
7/icmp
Echo
Data echo
 
 
 
X
20/tcp
FTP-data
Data channel
X
 
 
 
21/tcp
FTP
Command channel
X
 
 
 
22/tcp
SSH
Secure Shell, sftp, scp
X
 
 
 
37/udp/tcp
Time
Timeserver
 
X
 
 
42/tcp
Nameserver
Hostname to IP address
X
X
X
X
53/udp/tcp
DNS
Domain Name Services
X
X
X
X
88/udp/tcp
Kerberos
Kerberos authentication
X
 
 
 
123/udp
NTP
Network Time Protocol
 
X
 
 
443/udp/tcp
kpasswd
Kerberos password changing (kpasswd daemon)
X
 
 
 
515/tcp
printer
spooler
 
 
X
 
520/udp
route
routed
 
 
 
X
749/udp/tcp
kerberos-adm
Kerberos password changing (v5passwdd daemon)
X
 
 
 
1080/udp/tcp
socks
SOCKS
X
 
 
 

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 1787.