Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The

Spacevars
0series4
  platforms (SBC 5000 series, SBC 7000, SBC SWe) listen to the TCP/IP network ports listed in the following tables. Some of these ports will not be open if the corresponding product features are not configured.

Note
iconfalse
titleNote
The actual ports that the
Spacevars
0product
listens to depends on the actual system configuration.
Warning

Due to an IPMI vulnerability, Sonus recommends not connecting the BMC Ethernet port to an external network unless the network is deemed well-protected.

[Reference: NIST National Vulnerability Database website]

Multiexcerpt
MultiExcerptNameME1

SBC 5000/7000 Series BMC Ports

Caption
0Table
1SBC 5000/7000 Series BMC Ports
Protocol

Network Port

Application Level ProtocolProcess Using the Ports

Usage

Notes
TCP22  BMC CLI via SSHBMC CLI over SSHv2.
TCP80  BMC GUI redirection to port 443

HTTP server redirects browser to port 443 for HTTPS. No actual BMC access on port 80.

TCP443  BMC GUI via HTTPS 
TCP

5120

  

BMC Remote Console: CD

 
TCP

5121

  

BMC Remote Console: Keyboard and Mouse

 
TCP

5123

  

BMC Remote Console: Diskette

 
TCP

5555

  

BMC Remote Console: Encryption

 
TCP

5556

  

BMC Remote Console: Authentication

 
TCP

6481

  

BMC Remote Console: Servicetag Daemon

 
TCP

7578

  

BMC Remote Console: Video

 
TCP7579   BMC Remote Console: Serial 
Multiexcerpt
MultiExcerptNameME2

SBC Core Management Ports

Caption
0Table
1SBC Core Management Ports
Protocol

Network Port

Application Level ProtocolProcess Using the Ports

Usage

Notes

TCP

 

 

 

 

 

 

 

 

 

 

 

22

  

SBC application CLI via SSH 

Application CLI over SSHv2.

80

  

Embedded Management Application (EMA) GUI redirection to port 443

HTTP server redirects browser to port 443 for HTTPS. No actual EMA access on port 80. 

443

  

EMA GUI via https

 

444

  

EMA GUI, Platform Mode via https

 

2022

  

Netconf OAM interface 

Netconf over SSHv2. Used by Sonus EMS to manage the SBC.

2024

  

Linux SFTP access via SSH 

 
3091  SSReq troubleshooting toolDefault TCP port

4680

  

SecureLink client GUI via http 

The SecureLink client is a RASO feature that creates and maintains an SSH connection to the SecureLink server at SonusHQ, to support remote troubleshooting. This port presents a GUI interface to manage the SL client.

NOTE: SecureLink runs on a separate VM instance for SBC SWe; hence this port is not applicable for SBC SWe.

UDP

 

 

123  Network Timing Protocol Daemon (NTPD) 

161   

  

SNMP agent 

Statistics and status retrieval. Read only.

3054  PSX call processing requestsThis port is used for call processing requests coming from the PSX to the SBC over Diameter+. This can also be configured through PKT ports.
3055  Keep alive messages and registration (Diameter).This can also be configured through PKT ports.

3069  

  

ERE   

ERE SIP SCPA process.

3090  SSReq troubleshooting toolDefault UDP port

65xxx  

  

PSX    

Dynamically allocated server port number. Part of SBC communication with external PSX.

 

SBC Core Media Physical Ports at Interface IP Addresses

Caption
0Table
1SBC Core Media Physical Ports at Interface IP Addresses
Protocol

Network Port

Application Level ProtocolProcess Using the Ports

Usage

Notes

UDP

500

  

IKE

IKEv1 or IKEv2 Internet Key Exchange for IPSec

1024-65534

  

RTP, RTCP, SRTP, SRTCP

Real time media

ESP

N/A

  

IPSec ESP

Encapsulating Security Payload

 

SBC Core Media Physical Ports at Signaling Port IP Addresses

Caption
0Table
1SBC Core Media Physical Ports at Signaling Port IP Addresses
Protocol

Network Port

Application Level ProtocolProcess Using the Ports

Usage

Notes

TCP

2569

  

GW – GW signaling

Sonus proprietary gateway-to-gateway signaling. Listen port is configurable; 2569 is the default.

NOTE: This port is not applicable for SBC SWe as GW-GW signaling is not supported for SWe.

5060

  

SIP signaling over TCP

Listen port is configurable; 5060 is the default.

5061

  

SIP signaling over TLS over TCP

Listen port is configurable; 5061 is the default.

UDP

5060

  

SIP signaling over UDP

Listen port is configurable; 5060 is the default.

SCTP

5060

  

SIP signaling over SCTP

Listen port is configurable; 5060 is the default.

ESP

N/A

  

IPsec ESP

Encapsulating Security Payload. Terminates on signaling address when IPSec is used in IMS access and peering modes (in peering mode, the protected address may be different).

Note

If a zone's sipSigPort is configured for transportProtocolsAllowedsip-tls-tcp, the SBC increments the configured portNumber by 1 and uses it as the new port number for SIP over TLS signaling. The SBC then opens a TCP socket for SIP over TLS for the new TCP port number.

Example: When sipSigPort is configured with a portNumber of 5060 and transportProtocolsAllowed = sip-tls-tcp, the SBC listens on TCP port 5061 for SIP over TLS.

 

Pagebreak