What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags

View all Tags

Do I need to open port 23560 to use remote probe? Which direction?



By default the port used on remote probe is 23560. I would like to know if, when the remote probe is behind a firewall, I need to open port 23560 on my firewall´s rules, and which direction. both directions?

Thanks in advance

firewall port-23560 remote-probe

Created on Nov 4, 2010 9:20:37 PM

5 Replies

Accepted Answer



communication has to work both ways, yes.

Created on Nov 5, 2010 8:52:14 AM by  Aurelio Lombardi [Paessler Support]




I have another question about it. One of our customer wants/needs to use 11 Remote Probe.

Do I have to set the same port for all of the Remote Probes? If I use the same port will I have some issue?


Created on Jan 7, 2011 12:17:53 PM



In order to connect to the core server all remote probes use the same port!

Created on Jan 7, 2011 4:04:40 PM by  Dirk Paessler [Founder Paessler AG] (11,025) 3 6



For a list of ports that PRTG requires, please see the article Which ports does PRTG use on my system?

Created on Sep 15, 2014 2:53:02 PM by  Gerald Schoch [Paessler Support]



The question of directionality is not accurately addressed here or in the article which details all ports.

1) The CORE SERVER opens a listener on TCP 23560, which means the TCP socket is initiated by the probe, so your initial communication to open the socket flows in this direction: PROBE => CORESERVER:23560

2) All modern firewalls are stateful, which means they will automatically allow the response on a stateful protocol sesion like TCP. So a communication like:

Probe:(on some ephemeral port) => CoreServer:23560 the response: Probe:(on some ephemeral port) <= CoreServer:23560 is automatically allowed as part of the established communication session.

This means the answer to your question is, you only need to allow TCP 23560 to the CoreServer as a destination to support the probe to server communication.

Created on Sep 16, 2020 1:44:53 PM

Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.