Network Port Requirements
To successfully set up your Avantra environment you will need to understand the communication and port requirements for an Avantra installation. There are three areas that require attention:
-
Communication between the Avantra Server and remote Avantra Agents
-
Communication between your browser and the Avantra Server WebUI
-
Communication between your Avantra Server and any internal or external APIs e.g. ServiceNow or Avantra license activation services.
This guide is not designed to be a comprehensive guide for all SAP products. You can find a list of ports required for SAP products here.
Server Ports
Server incoming ports
Port | Used for | Communication type |
---|---|---|
80 / 8080 (not recommended) |
WebUI non-secure port - can be disabled during or after installation. |
Insecure web communications |
8443 / 443 |
WebUI secure port that is selected by the administrator during installation. |
Secure web communications (HTTPS) |
9050 |
Incoming communication to your Avantra from remote agents. |
Secure communications however please note it can also be used for the download of the Avantra Agent and Java packages only via HTTP. |
9058 |
Diagnostics WebUI for use in health-check and support scenarios. |
Typically only used when working with Avantra support on an issue and should be disabled in the Avantra server settings when not in use (configuration item |
5701 |
Communication with Hazelcast cluster for managing workflows and connections from the UI side on the Avantra master server. It can be configured using the master settings |
Hazelcast internal communication |
Server outgoing ports
Port |
Used for |
Communication type |
5432 |
Standard Postgres JDBC port used for communicating with the Avantra database. |
JDBC |
1433 |
Microsoft SQL port for communication outgoing from the Avantra Server to the Avantra database. |
MSSQL |
443 |
HTTPS communications to API endpoints such as the Avantra license activation service, Public cloud API endpoint and SAP APIs. |
HTTPS |
25, 587, 465 |
Ports for managing email notifications from the Avantra Server, the specific port number depends on the SMTP server configuration. |
Notification email |
Agent Ports
Agent incoming ports
Port | Used for | Communication type |
---|---|---|
9051 |
Incoming communication to your Avantra Agent from the Avantra server (or Avantra Gateway if using one). |
Secure communications however please note it can also be used for the download of the Avantra Agent and Java packages only via HTTP. |
Agent outgoing ports
Port | Used for | Communication type |
---|---|---|
33XX |
Note this usually happens within the monitored server i.e. doesn’t normally need a port to be opened as it is communicating all within the same host. Communication between the on-server agent and an SAP installation. XX depends on the SAP instance number. |
SAP RFC |
5xx13 (http) or 5xx14 (https) |
Note this usually happens within the monitored server i.e. doesn’t normally need a port to be opened as it is communicating all within the same host. Communication with the SAP System Database. XX depends on the SAP instance number. |
HTTP(s) |
81xx and 36xx |
Note this usually happens within the monitored server i.e. doesn’t normally need a port to be opened as it is communicating all within the same host. Communication with the SAP Message Server. XX depends on the SAP instance number. |
HTTP(s) |
Database ports |
If monitoring a database on the host e.g. PostgreSQL, HANA, MySQL then the agent would communicate locally with the default (or specified) port to monitor that object. |
JDBC |
Web Ports |
Custom checks or cloud services interacting with API endpoints as defined by you. |
HTTP(s) |
Agentless system monitoring or RISE with SAP environments
If you are using remote monitoring (where the Avantra Agent is not present on the host where a database or SAP System resides and you are monitoring over the network) then you will need to ensure that the Agent that is performing the monitoring over the network has the required port access to achieve that connectivity.
For example, if you’re in a RISE with SAP environment and remote monitoring an SAP system with an SAP HANA database, then you will need to ensure that the following ports are open:
-
HANA Database JDBC connection:
-
HANA SYSTEM DB - port 30013
-
HANA Tenant DB - port 30015
-
-
SAP System Message server - ports 81xx and 36xx (xx = instance number)
-
SAP System Database - either port 5xx13(http) or 5xx14(https)
-
SAP System RFC - port 33xx (xx = instance number)