Communication ports used for ADC, ADM
Article ID: CTX462403
Updated On:
Description
Customer's security team has scanned unusual traffic originated from SNIP from ports 4899,12345 etc..
Customer wanted to investigate on this.
Instructions
We verified the traces and the destination ports were 5557, 53 which was used for ADM analytics communication and DNS.Source port will be random TCP ports and destination ports matters.
Citrix ADC
| Source | Destination | Type | Port | Details |
|---|---|---|---|---|
| Citrix ADC SNIP | Citrix ADM | UDP | 4739 | For AppFlow communication |
| SNMP | 161, 162 | To send SNMP events | ||
| Syslog | 514 | To receive syslog messages in Citrix ADM | ||
| TCP | 5557, 5558 | For logstream communication from Citrix ADC to Citrix ADM. | ||
| DNS Server | TCP, UDP | 53 | DNS name resolution |
Citrix ADM
| Source | Destination | Type | Port | Details |
|---|---|---|---|---|
| Citrix ADC SNIP | Citrix ADM | TCP | 5563 | To receive ADC metrics (counters), system events, and Audit Log messages from Citrix ADC instance to Citrix ADM |
| TCP | 5557, 5558 | For logstream communication (for Security Insight, Web Insight, and HDX Insight) from Citrix ADC | ||
| UDP | 162 | To receive SNMP events from Citrix ADC | ||
| UDP | 4739 | To receive ADC analytics log data using IPFIX protocol | ||
| Citrix NSIP | Citrix ADM | UDP | 514 | To receive syslog messages from Citrix ADC ADM |
| Citrix ADM | Citrix ADM Agent | TCP | 443, 8443, 7443 | Port for communication between Citrix ADC agent and Citrix ADM |
Issue/Introduction
This article provides an overview of common ports that are used by Citrix components and must be considered as part of networking architecture, especially if communication traffic traverses network components such as firewalls or proxy servers where ports must be opened to ensure communication flow.
Not all ports need to be open, depending on your deployment and requirements.
Was this article helpful?
Yes
No
Powered by
