Ports Used by CA Process Automation

The following tables describe in detail the port usage of the various  components. These tables are comprehensive and contain duplication to provide a complete picture for each component.
catpa04305
The following tables describe in detail the port usage of the various 
CA Process Automation
 components. These tables are comprehensive and contain duplication to provide a complete picture for each component.
 
 
3
 
 
Ports Used by CA EEM
The following tables provide an overview of the ports that are used for communications from and to CA Embedded Entitlements Manager (CA EEM).
Communications from CA EEM
From
Port
To
Default Listening Port
Protocol
Configuration
Description
CA EEM
Any
CA EEM
509
TCP
CA EEM Configuration
Used by CA EEM iTechPoz when CA EEM is configured as an HA cluster.
CA EEM
Any
CA EEM
1684
TCP
CA EEM Configuration
Used by CA EEM iTechPoz Router when CA EEM is configured as an HA cluster (CA EEM 8.4 only)
CA EEM
Any
CA EEM
5250
TCP
CA EEM Configuration
Used by CA EEM iGateway when CA EEM is configured as an HA cluster.
 
Communications to CA EEM
From
Port
To
Default Listening Port
Protocol
Configuration
Description
CA EEM
Any
CA EEM
509
TCP
CA EEM Configuration
Used by CA EEM iTechPoz when CA EEM is configured as an HA cluster.
CA EEM
Any
CA EEM
1684
TCP
CA EEM Configuration
Used by CA EEM iTechPoz Router when CA EEM is configured as an HA cluster (CA EEM 8.4 only)
CA EEM
Any
CA EEM
5250
TCP
CA EEM Configuration
Used by CA EEM iGateway when CA EEM is configured as an HA cluster. 
Orchestrator
Any
CA EEM
5250
TCP
CA EEM Configuration
Used to validate credentials and permissions (authentication and authorization).
Web Browser (CA EEM Administrator)
Any
CA EEM
5250
TCP
CA EEM Configuration
Web Browser accessing the CA EEM UI
 
Ports Used by the Load Balancer
The following tables provide an overview of the ports that are used for communications from and to the configured load balancer. Supported load balancers include NGINX, Apache, and F5.
 
Communications from the Load Balancer
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Load Balancer
Any
Orchestrator
80
HTTP
Oasisconfig.properties
Load Balancer talks to Orchestrator on this port.
Load Balancer
Any
Orchestrator
443
HTTPS
Oasisconfig.properties
Load Balancer talks to secure Orchestrators on this port.
Load Balancer
Any
Orchestrator
8080
HTTP
Oasisconfig.properties
Load Balancer talks to Orchestrator on this port.
Load Balancer
Any
Orchestrator
8443
HTTPS
Oasisconfig.properties
Load Balancer talks to secure Orchestrator on this port.
Load Balancer
Any
Orchestrator
8009
TCP/AJP
Oasisconfig.properties
Load Balancer - AJP connector port between Load Balancer and Orchestrator.
This port does not apply to NGINX.
 
Communications to the Load Balancer
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Agent
Any
Load Balancer
80
HTTP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Agent
Any
Load Balancer
443
HTTPS
Apache: httpd-ssl.conf
NGINX: secure-pam-server.conf
F5: iRules config
Load Balancer port for secure communication
Web Browser
(CA Process Automation Web UI user)
Any
Load Balancer
80
TCP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Web Browser
(CA Process Automation Web UI user)
Any
Load Balancer
443
TCP
Apache: httpd.conf
NGINX: secure-pam-server.conf
F5: iRules
Load Balancer port for secure communication
Web Services (SOAP) Client
Any
Load Balancer
80
TCP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Web Services (SOAP) Client
Any
Load Balancer
443
TCP
Apache: httpd.conf
NGINX: secure-pam-server.conf
F5: iRules
Load Balancer port for secure communication
 
Ports Used by an Orchestrator
The following tables provide an overview of the ports that are used for communications, specifically:
  • Communication from an Orchestrator to another component in a 
    CA Process Automation
     system
  • Communication between Orchestrators
  • Communication to an Orchestrator from another component in a 
    CA Process Automation
     system
 
Communications from an Orchestrator to another Orchestrator
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Orchestrator
Any
CA EEM
5250
TCP
CA EEM Configuration
Used to validate credentials and permissions (authentication and authorization)
Orchestrator
Any
Agent
7003
HTTP/HTTPS
Specified during the agent installation or re-installation
DeprecatedAgent listens on this deprecated port when using the old mode of communication with Orchestrators
Orchestrator
Any
Microsoft
SQL
Database Server
1433
TCP
Microsoft SQL Configured
The database port can be changed in the database server installation.Default Value: 1433
Orchestrator
Any
MySQL Database Server
3306
TCP
MySQL Configured
The database port can be changed in the database server installation.
Default Value: 3306
Orchestrator
Any
Oracle Database Server
1521
TCP
Oracle Configured
The database port can be changed during Create Listener; 1521 is the default value for the Oracle Listener port. The database instance can be associated with a different listener. Refer the Oracle Configuration.
 
Communications between Domain Orchestrator and Non-Domain Orchestrator
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Orchestrator
Any
Non-Domain Orchestrator
7001
HTTP/HTTPS
OasisConfig.properties
Ports that are used for communication between Orchestrators
Non-Domain Orchestrator
Any
Domain Orchestrator
8080
TCP
OasisConfig.properties
Basic Orchestrator to Orchestrator Communication
Non-Domain Orchestrator
Any
Domain Orchestrator
8443
TCP
OasisConfig.properties
Secure Orchestrator to Orchestrator Communication
Non-Domain Orchestrator
Any
Domain Orchestrator
80
TCP
OasisConfig.properties
Basic Orchestrator to Orchestrator Communication
Non-Domain Orchestrator
Any
Domain Orchestrator
443
TCP
OasisConfig.properties
Secure Orchestrator to Orchestrator Communication
Orchestrator
Any
Orchestrator
1090
TCP
OasisConfig.properties
JBoss Reporting port is used only between Orchestrators
Orchestrator
Any
Orchestrator
1098
TCP
OasisConfig.properties
JBoss RMI port is used only between Orchestrators
Orchestrator
Any
Orchestrator
1099
TCP
OasisConfig.properties
JBoss JNDI port is used only between Orchestrators
Orchestrator
Any
Orchestrator
1100
TCP
OasisConfig.properties
JBoss: HA_Java Naming and Directory Interface is used only between Orchestrators
Orchestrator
Any
Orchestrator
1101
TCP
OasisConfig.properties
JBoss: HA_Java Remote Method Invocation is used only between Orchestrators
Orchestrator
Any
Orchestrator
1102
UDP
OasisConfig.properties
JBoss: JNDI Autodiscovery service is used only between Orchestrators
Orchestrator
Any
Orchestrator
3873
TCP
OasisConfig.properties
JBoss: EJB3 Remoting Connector is used only between Orchestrators
Orchestrator
Any
Orchestrator
4444
TCP
OasisConfig.properties
JBoss RMI Server port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4445
TCP
OasisConfig.properties
JBoss Pooled Invoker port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4446
TCP
OasisConfig.properties
JBoss HA Pooled Invoker port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4447
TCP
OasisConfig.properties
JBoss HA-RMI Server port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4448
TCP
OasisConfig.properties
JBoss HA Pooled Invoker port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4457
TCP
OasisConfig.properties
JBoss Messaging port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4712
TCP
OasisConfig.properties
JBoss Transaction Status Recovery Manager port is used only between Orchestrators
Orchestrator
Any
Orchestrator
4713
TCP
OasisConfig.properties
JBoss Transaction Status Manager port is used only between Orchestrators
Orchestrator
Any
Orchestrator
7600
TCP
OasisConfig.properties
JBoss clustering port is used only between Orchestrators
Orchestrator
Any
Orchestrator
7900
TCP
OasisConfig.properties
JBoss clustering port is used only between Orchestrators
Orchestrator
Any
Orchestrator
7901
TCP
OasisConfig.properties
JBoss clustering port is used only between Orchestrators
Orchestrator
Any
Orchestrator
8083
TCP
OasisConfig.properties
JBoss RMI Webservice port is used only between Orchestrators
Orchestrator
Any
Orchestrator
61618
TCP
OasisConfig.properties
ActiveMQ messaging subsystem
 
CA Process Automation
 uses JBoss 5.1, which listens on a random set of dynamic ports in the range (49152-65535). The dynamic ports are required for various features, including cluster node communication. Consider that 
CA Process Automation
 cannot communicate on these ports. Then, functionality may be severely limited (for example, processes may become stuck).
We recommend that nothing should be placed between cluster nodes that could block communication. Consider that a firewall is required. Then, we recommend that you open all TCP ports in both directions between the cluster nodes for the java.exe process. Here, the java.exe process should be associated with 
CA Process Automation
.
 
Communications to a Clustered Orchestrator from another Component
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Load Balancer
Any
Orchestrator
8080
HTTP
Oasisconfig.properties
Load Balancer talks to Orchestrator on this port.
Load Balancer
Any
Orchestrator
8443
HTTPS
Oasisconfig.properties
Load Balancer talks to secure Orchestrators on this port.
Load Balancer
Any
Orchestrator
8009
TCP/AJP
OasisConfig.properties
Load Balancer - AJP connector port between Load Balancer and Orchestrator. This port does not apply to NGINX.
Agent
Any
Orchestrator
8080
HTTP
OasisConfig.properties
Deprecated communications only
Agent
Any
Orchestrator
8443
HTTPS
OasisConfig.properties
Deprecated communications only
Agent
Any
Orchestrator
7001
HTTP/HTTPS
OasisConfig.properties
Deprecated port
 
Communications to a Non-Clustered Orchestrator from another Component
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Orchestrator
Any
Agent
80
HTTP
Jetty
web-socket connection that is established by agents
Orchestrator
Any
Orchestrator
443
HTTPS
Jetty
web-socket connection that is established by orchestrator
Agent
Any
Orchestrator
8080
HTTP
Oasisconfig.properties
Deprecated communications only
Agent
Any
Orchestrator
8443
HTTPS
Oasisconfig.properties
Deprecated communications only
Agent
Any
Orchestrator
80
HTTP
Oasisconfig.properties
Basic Server Port
Agent
Any
Orchestrator
443
HTTPS
Oasisconfig.properties
Secure Server Port
Agent
Any
Orchestrator
7001
HTTP/HTTPS
OasisConfig.properties
Deprecated port
Web Browser
(
CA Process Automation
 web UI user)
Any
Orchestrator
8080
HTTP
OasisConfig.properties
Browser talks to Orchestrator on this port with basic communication
Web Browser
CA Process Automation
 web UI user)
Any
Orchestrator
8443
HTTPS
OasisConfig.properties
Browser talks to secure Orchestrators on this port
Web Services
(SOAP) client 
Any
Orchestrator
8080
HTTP
OasisConfig.properties
Orchestrator SOAP API server
Web Services
(SOAP) client 
Any
Orchestrator
8443
HTTPS
OasisConfig.properties
Orchestrator SOAP API server (secure)
Ports Used by Orchestrator for web-socket Communication
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Domain Orchestrator
Any
Agent
443
HTTPS
Jetty
web-socket connection that is established by agents
Domain Orchestrator
Any
Agent
80
HTTP
Jetty
web-socket connection that is established by agents
Clustered Node
Any
Agent
443
HTTPS
Jetty
web-socket connection that is established by agents
Clustered Node
Any
Agent
80
HTTP
Jetty
web-socket connection that is established by agents
Additional Orchestrator
Any
Agent
443
HTTPS
Jetty
web-socket connection that is established by agents
Additional Orchestrator
Any
Agent
80
HTTP
Jetty
web-socket connection that is established by agents 
Ports Used by an Agent
The following tables provide an overview of the ports that are used for communications from and to a 
CA Process Automation
 agent.
Communications from an Agent
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Agent
Any
Orchestrator
8080
HTTP
Oasisconfig.properties
Deprecated communications only
Agent
Any
Orchestrator
8443
HTTPS
Oasisconfig.properties
Deprecated communications only
Agent
Any
Load Balancer
80
HTTP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Agent
Any
Load Balancer
443
HTTPS
Apache: httpd-ssl.conf
NGINX: secure-pam-server.conf
F5: iRules Config
Load Balancer port for secure communication
Agent
Any
Orchestrator
7001
HTTP/HTTPS
OasisConfig.properties
Deprecated Server Port
Agent
Any
Orchestrator
80
HTTP
OasisConfig.properties
Basic Server Port
Agent
Any
Orchestrator
443
HTTPS
OasisConfig.properties
Secure Server Port
Agent
Any
Target Remote Host
22
TCP
Standard SSH port
Used for SSH communication with a proxy touchpoint or host group
 
Communications to an Agent
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Orchestrator
Any
Agent
7003
HTTP/HTTPS
Agent Installation script
Agent formerly listened on this deprecated port for communication with Orchestrators
Ports Used by Database Servers
The following table provides an overview of the ports that are used for communications to a Database server.
Communications to a Database Server
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Orchestrator
Any
Microsoft
SQL
Database Server
1433
TCP
Microsoft SQL Configured
You can change the database port in the database server installation.
Default Value: 1433
Orchestrator
Any
MySQL
Database Server
3306
TCP
MySQL Configured
You can change the database port in the database server installation.
Default Value: 3306
Orchestrator
Any
Oracle
Database Server
1521
TCP
Oracle Configured Listener
You can change the database port during Create Listener; 1521 is the default value for the Oracle Listener port. The database instance can be associated with a different listener. Refer the Oracle Configuration.
 
Ports Used by web clients
The following tables provide an overview of the ports that are used for communications from the web clients.
Communications from web clients
From
Port
To
Default Listening Port
Protocol
Configuration
Description
Web Browser
(CA EEM Administrator) 
Any
CA EEM
5250
TCP
CA EEM configuration
Web Browser accessing the CA EEM UI
Web Browser
( CA Process Automation Web UI user)
Any
Load Balancer
80
TCP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Web Browser
( CA Process Automation Web UI user)
Any
Load Balancer
443
TCP
Apache: httpd.conf
NGINX: secure-pam-server.conf
F5: iRules
Load Balancer port for secure communication
Web Services
(SOAP) client 
Any
Load Balancer
80
TCP
Apache: httpd.conf
NGINX: pam-server.conf
F5: iRules Config
Load Balancer port for basic communication
Web Services
(SOAP) client 
Any
Load Balancer
443
TCP
Apache: httpd.conf
NGINX: secure-pam-server.conf
F5: iRules
Load Balancer port for secure communication
Web Browser
(CA Process Automation
Web UI user)
Any
Orchestrator
8080
HTTP
OasisConfig.properties
Browsers talk to Orchestrator on this port with basic communication
Web Browser
(CA Process Automation
Web UI user)
Any
Orchestrator
8443
HTTPS
OasisConfig.properties
Browsers talk to secure Orchestrator on this port