Networking
Ports
Required ports for communication across Datamotive nodes — Management Server, Replication Node, DeDupe Node, and Windows Prep Node.
- Product
- Datamotive Platform
- Version
- v2.0.3
- Last updated
- Updated
- Reading time
- 1 min read
Datamotive nodes operate on specific ports for inter-node communication, platform API access, and the management console. Use the tables below to define firewall rules or cloud security groups — one security group per node type is the recommended pattern.
Management Server (Security Group 1)
| Port | Description | Access | Scope |
|---|---|---|---|
| 3308 | Database connection | IN | Within site |
| 5000 | Management Server controller (GUI / REST) | IN/OUT | Across sites |
| 5001 | Replication Server/Node data transfer | IN/OUT | Across sites |
| 5002 | Replication Server encrypted data transfer | IN/OUT | Across sites |
| 5005 | DeDupe server connection | OUT | Across sites |
| 443 | AWS / GCP / Azure API endpoints | OUT | — |
| 443 | vCenter Server API (VMware, default 443) | OUT | Within site |
| 902 | VMware VDDK connection to ESXi hosts (VMware only) | IN/OUT | Within site |
| 5985 | HTTP connection to Windows Prep Node (WinRM) | OUT | Within site |
| 5986 | HTTPS connection to Windows Prep Node (WinRM) | OUT | Within site |
| 22 | SSH — used during the upgrade process | IN/OUT | Within site |
Replication Node (Security Group 2)
| Port | Description | Access | Scope |
|---|---|---|---|
| 5000 | Replication Server/Node data transfer | IN/OUT | Across sites |
| 5001 | Replication Server/Node data transfer | IN/OUT | Across sites |
| 5002 | Replication Server encrypted data transfer | IN/OUT | Across sites |
| 5005 | DeDupe server connection | OUT | Across sites |
| 443 | AWS / GCP / Azure API endpoints | OUT | Within site |
| 443 | vCenter Server API (VMware, default 443) | OUT | Within site |
| 902 | VMware VDDK connection to ESXi hosts (VMware only) | IN/OUT | Within site |
| 3308 | Database connection | OUT | Within site |
| 5985 | HTTP connection to Windows Prep Node (WinRM) | OUT | Within site |
| 5986 | HTTPS connection to Windows Prep Node (WinRM) | OUT | Within site |
| 22 | SSH — used during the upgrade process | IN | Within site |
DeDupe Node (Security Group 3)
| Port | Description | Access | Scope |
|---|---|---|---|
| 5005 | DeDupe Node controller (REST) | IN | Across sites |
Windows Prep Node (Security Group 4)
| Port | Description | Access | Scope |
|---|---|---|---|
| 5985–5986 | WinRM communication | IN | Within site |
| 3389 | RDP | IN | Within site |
Console and service ports
- The management console is served at
https://<management-node-ip>:5000/mgmt. - The upgrade wizard is served at
https://<management-node-ip>:5004/upgrade. - Port
5003is the replication controller service port, used for management-to-replication-node control traffic.
Related docs
Was this page helpful?