The following tables show the port requirements for Commvault. Based on your environment settings, you can configure the software to use different port numbers.
Note: All Commvault network communication is TCP-based.
Required Network Ports
Target Machine to Access | Target Ports | Accessed From | Feature or Purpose |
|---|---|---|---|
All | 8400 (Default CVD port) (configurable) | All other network peers | Required to be open on MediaAgents for faster data traffic |
All | 8403 (configurable) | All other network peers | All data and control traffic |
CommServe server | 8401 | CommCell Console | Administering product using CommCell Console |
CommServe server, Web Server, and any client server where MongoDB package is installed | 27017 | Webserver | Web Server uses MongoDB as the cache for quick responses for Command Center pages |
Computer hosting Command Center package | 80, 443 | Desktops running browser |
|
Additional Ports Based on Use Cases
Target Machine to Access | Target Ports | Accessed From | Feature or Purpose |
|---|---|---|---|
CommServe server | 1433, 1434 | Web Server, Workflow Engine | Direct database access Note: For MS SQL Server, communication on TCP Port 1433 and UDP Port 1434 need to be open. |
CommServe server | 8052, 8053, 8054, 8055, 8056 and 8057 Note:
| Web Server | Commvault Message Queue |
CommServe server failover (both sides) | 8408 | All other network peers | All data and control traffic |
MediaAgents | 111, 2049, 2050 | Database server or hypervisor that needs to access Commvault backup data directly | Live mount and live restore for VSA, 3DFS and Hybrid File Store Note: These ports need to be opened on the Commvault 3DFS server. |
NAS File Server | 10000 For information about configuring additional ports, see Configuring a Firewall Between a File Server and a MediaAgent. | MediaAgent that performs backups | NDMP and NAS backups |
Web Server | 80, 81 or Commvault port-forwarding gateway (for more information, see Configuring Access to the Web Server Using a Port-Forwarding Gateway) | Command Center | Command Center and Custom Reports Engine |
Additional Ports Based on Advanced Cases
Target Machine to Access | Target Ports | Accessed From | Feature or Purpose |
|---|---|---|---|
CommServe server | 8111(Linux) 9400, 9401, 9403 (Windows) | Commvault 1-Touch temporary recovery client | Reserved port to communicate with CommServe server from client during 1-Touch restore |
Communication port | 9401 (by default) | Transfer data from access node/proxy client to IBMi client machine | For sending and requesting requests (for example, backup, restore, browse, update install) from the CommServe server through access node/proxy machine. |
Data ports | Any range | Transfer data from IBMi client machine to access node/proxy client. | For transferring data from IBMi client machine to access node/proxy client during backup. For transferring data from access node/proxy client to IBMi client machine during restore operations. By default, SSH communication (port 22) is used for installation and services start). Note:
|
Domino server | 1352 | Client Domino Mailbox Archiver | Domino (RPC) |
ESXi hosts | 902 | VSA access node | Data transfer and metadata operations on virtual machine disk (VMDK) |
Distributed Storage proxies | 3260 | Client | Clients using Distributed Storage clusters as a target |
High Availability Cluster (HAC) | 8090, 8091, 8097 | Index Server, HAC |
|
Index Server | 81 | Web Server, MediaAgent, CommServe server | Used for Commvault Edge Drive indexing operations |
Search engine | 27000 | Web Server, search engine | For compliance, end-user search between search engines for cloud search |