Port Reference
Parallels Remote Application Server v16.1 and later
Table 1: Parallels Client
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
Parallels Client
|
HALB
|
TCP
UDP
TCP, UDP
|
80, 443, 3389
80, 443
20009
|
- TCP 3389 if RDP Load Balancing is enabled.
- If RDP-UDP is used.
- Client Manager, shadowing via FW.
|
Secure Gateway (Normal and Forwarding modes)
|
TCP
UDP
TCP, UDP
UDP
|
80, 443, 3389
80, 443
20009
20000
|
- TCP 3389 if RDP Load Balancing is enabled.
- If RDP-UDP is used.
- Client Manager, shadowing via FW only for Normal mode. Since v16 FW GWs don't support client management.
- GW Lookup Broadcast
|
RDP Session
|
TCP, UDP
|
3389
|
- Connections in Direct Mode 3389 is used. RDP connection is always encrypted.
|
Table 2: Web Browsers
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
HTML5 web browser
|
Secure Gateway
|
TCP
|
443
|
- HTML5 (in Normal mode only).
|
Web browser
|
Web Portal
|
TCP
TCP
|
81
443
|
- Web portal UI. Actual session uses the Parallels client information.
- If SSL enabled.
|
Web Portal
|
Secure Gateway
|
TCP
TCP
|
80, 443
|
|
Table 3: Secure Client Gateway
|
|
|
|
|
|
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
Secure Gateway in Forwarding Mode
|
Secure Gateway in Normal Mode
|
TCP
UDP
|
80, 443, 3389
80, 443
|
- TCP 3389 if RDP Load Balancing is enabled.
- If RDP-UDP is used.
Note: Since RAS v16, FW GWs don't support client management.
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
|
Secure Gateway in Normal Mode
|
Remote Desktop Services
|
TCP, UDP
|
3389
|
|
Publishing Agent
|
TCP
|
20002
|
- TCP 20002 Publishing Agent Service Port - communications with RAS Secure Client Gateways and the RAS Console (in Normal mode only).
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
Localhost
|
TCP
|
20020
|
- Communication with NodeJS web server.
|
Table 4: Publishing Agent
|
|
|
|
|
|
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
Publishing Agent
|
Publishing Agent
|
TCP
|
20001, 20030
|
- TCP 20001 Redundancy Service.
- TCP 20030 Communication between Publishing Agents running in the same site.
|
|
Parallels Licensing Server
|
TCP
|
443
|
- Outbound TCP 443- Publishing Agent (Master PA in Licensing Site) communicates with Parallels Licensing Server (https://ras.parallels.com).
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
RD Session Host Agent
|
TCP
|
30004
|
- TCP 30004 Server for PA requests.
|
Parallels VDI Agents
|
TCP
|
30006
|
- TCP 30006 VDI Agent Communication Port.
|
Parallels Guest Agent
|
TCP
TCP
|
30004
30005
|
- TCP 30004 is used by Console during RAS Template creation.
- TCP 30005 this is used by components on the destination RDS/guest/remote pc for internal communication. Client does not use it.
|
Parallels Remote PC Agent
|
TCP
|
30004
|
- Remote PC Agent Communication Port (agent state, counters and session information).
|
2FA Server/s
|
TCP, UDP
|
8080, 80, 1812, 1813
|
|
Table 5: RAS Console
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
RAS Console
|
SQL host with SSRS and Reporting component
|
TCP
|
30008
|
- Publishing Agent (RAS Console and Reporting).
|
HALB
|
TCP, UDP
|
31006
|
- TCP, UDP 31006 configuration.
|
Parallels Client
|
TCP
|
50005
|
- Shadowing from RAS Console in case of direct network connection.
|
Parallels Guest Agent
RD Session Host Agent
Parallels Remote PC Agent
Publishing Agent
Secure Gateway
|
TCP
|
135, 445, 49179
|
- Remote Install Push/Takeover of Software.
|
Parallels Guest Agent
Parallels PC Agent
Parallels RD Sessions Host Agent
|
UDP, TCP
|
30004
|
- Used for "Check Agent" task.
- Used to manage components.
|
Parallels VDI Agent
|
UDP, TCP
|
30006
|
|
- Used for "Check Agent" task.
- Used to manage component.
|
2FA Server/s
|
TCP, UDP
|
8080, 80, 1812, 1813
|
- Deepnet / Safenet / Radius.
|
www.turbo.net
|
TCP
|
80, 443
|
- When Turbo containerized apps publishing is enabled and used. Used to obtain app categories and available apps metadata for further publishing.
|
RAS Performance Monitor
|
TCP
|
3000
|
- Performance Dashdoard in the Monitoring category (Grafana connection).
|
Publishing Agent
|
TCP
|
20002, 20001
|
- Communication with PA and Redundancy,
|
Table 6: RD Session Host / VDI / Guest / Remote PC Agents
|
|
|
|
|
|
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
RD Session Host Agent
|
Publishing Agent
|
TCP
|
20003
|
- TCP, UDP 20003 Communications with Publishing Agents
|
Localhost
|
TCP
|
30005
|
- For internal commands - memshell, printer redirector).
|
www.turbo.net
|
TCP
|
80, 443
|
- When Turbo support is enabled and used. Used to download Turbo installation package and install / update application containers.
|
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
Parallels VDI Agent
|
Publishing Agent
|
TCP
|
20003
|
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB
|
Parallels Guest Agent
|
VDI Agent
|
TCP
|
30006
|
- Communication with VDI Agent
|
Broadcast
|
UDP
|
30006
|
- Subnet broadcast is sent to find VDI agent.
|
Localhost
|
TCP
|
30005
|
- For internal commands - memshell, printer redirector.
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
Parallels Remote PC Agent
|
Publishing Agent
|
TCP
|
20003
|
- Publishing Agent communication.
|
Localhost
|
TCP
|
30005
|
- For internal commands - memshell, printer redirector).
|
RAS Performance Monitor
|
TCP
|
8086
|
- Agent (Telegraf service) sends collected performance data to InfluxDB.
|
|
Table 7: HALB
|
|
|
|
|
|
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
HALB
|
HALB
|
VRRP
|
112
|
|
|
|
Common Communication Ports
Source
|
Destination
|
Protocols
|
Destination Ports
|
Description
|
RAS Console
|
Any host where to which Agents are pushed
|
TCP
|
135, 445, 49179
|
- Remote Install Push/Takeover of Software.
|
Master PA
|
AD DS controllers
|
TCP
TCP
TCP
UDP
|
389, 3268
636, 3269
88
53
|
|
2FA Server/s
|
TCP, UDP
|
8080, 80, 1812, 1813
|
- Deepnet / Safenet / Radius.
|
For Active Directory and Active Directory Domain Services port requirements, please see the following article: https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
|