RAS Connection Broker
Source |
Destination |
Protocols |
Ports |
Description |
RAS Connection Broker |
AD DS controllers |
TCP TCP TCP,UDP UDP |
389, 3268 636, 3269 88 53 |
LDAP LDAPS Kerberos DNS |
RAS Connection Broker |
TCP |
20001 20030 |
Redundancy service. Communication between RAS Connection Brokers running in the same site. |
|
Parallels Licensing Server |
TCP |
443 |
RAS Connection Broker (primary Connection Broker in Licensing Site) communicates with Parallels Licensing Server (https://ras.parallels.com). Note: Not required for Tenant Broker RAS Connection Broker (see the Tenant Broker section). |
|
RAS Performance Monitor |
TCP |
8086 |
Agent (Telegraf service) sends collected performance data to InfluxDB. |
|
RAS RD Session Host Agent |
TCP, UDP |
30004 |
Server for Connection Broker requests. |
|
RAS Provider Agent |
TCP, UDP |
30006 |
Provider Agent communication port. |
|
RAS Remote PC Agent |
TCP, UDP |
30004 |
Remote PC Agent Communication Port (agent state, counters and session information) |
|
2FA Server(s) |
TCP, UDP |
8080, 80 1812, 1813 |
Deepnet/ Safenet Radius |
|
RAS Enrollment Server |
TCP |
30030 |
RAS Connection Broker Sends RAS Enrollment Server connection Request |
|
RAS Reporting |
TCP |
30008 |
Master RAS Connection Broker communicates with RAS Reporting (installed on the same host as SSRS). |
|
RAS Remote Installer Service |
TCP |
30020 |
Remote agent pushing |
|
RAS RD Session Host Agent RAS Guest Agent RAS Remote PC Agent RAS Connection Broker RAS Secure Gateway RAS Enrollment Server |
TCP |
135, 445, 49179 |
Remote Install Push/Takeover of Software |
|
SMTP |
TCP |
587 |
Notifdispatcher is the service which sends the emails using port specified in the Mailbox settings (+SSL/TLS) |
|
Let's Encrypt Service |
TCP |
80, 443 |
Communication between the Let's Encrypt client (available in the primary Connection Broker) and a Let's Encrypt server. |