What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Do I need to open port 23560 to use remote probe? Which direction?

Votes:

0

Your Vote:

Up

Down

By default the port used on remote probe is 23560. I would like to know if, when the remote probe is behind a firewall, I need to open port 23560 on my firewall´s rules, and which direction. both directions?

Thanks in advance

firewall port-23560 remote-probe

Created on Nov 4, 2010 9:20:37 PM by  Bruno Ruy (2) 2



5 Replies

Accepted Answer

Votes:

0

Your Vote:

Up

Down

communication has to work both ways, yes.

Created on Nov 5, 2010 8:52:14 AM by  Aurelio Lombardi [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hi,

I have another question about it. One of our customer wants/needs to use 11 Remote Probe.

Do I have to set the same port for all of the Remote Probes? If I use the same port will I have some issue?

Thanks

Created on Jan 7, 2011 12:17:53 PM by  Bruno Ruy (2) 2



Votes:

0

Your Vote:

Up

Down

In order to connect to the core server all remote probes use the same port!

Created on Jan 7, 2011 4:04:40 PM by  Dirk Paessler [Founder Paessler AG] (10,932) 3 4



Votes:

0

Your Vote:

Up

Down

For a list of ports that PRTG requires, please see the article Which ports does PRTG use on my system?

Created on Sep 15, 2014 2:53:02 PM by  Gerald Schoch [Paessler Support]



Votes:

0

Your Vote:

Up

Down

The question of directionality is not accurately addressed here or in the article which details all ports.

1) The CORE SERVER opens a listener on TCP 23560, which means the TCP socket is initiated by the probe, so your initial communication to open the socket flows in this direction: PROBE => CORESERVER:23560

2) All modern firewalls are stateful, which means they will automatically allow the response on a stateful protocol sesion like TCP. So a communication like:

Probe:(on some ephemeral port) => CoreServer:23560 the response: Probe:(on some ephemeral port) <= CoreServer:23560 is automatically allowed as part of the established communication session.

This means the answer to your question is, you only need to allow TCP 23560 to the CoreServer as a destination to support the probe to server communication.

Created on Sep 16, 2020 1:44:53 PM by  Damon32311 (0)



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.