Communication ports used by Citrix Technologies

February, 2012 – Version 2.0

Overview
Introduction
This document provides an overview of ports that are used by Citrix components and must be considered as part of Virtual Computing architecture, especially if communication traffic traverses network components such as firewalls or proxy servers, where ports must be opened to ensure communication flow.

References
The assignments are listed by the Internet Assigned Numbers Authority (IANA), updated regularly, and revised when new information is available and new assignments are made. The specific location of the port numbers list is available at the following Web site: http://www.iana.org/assignments/port-numbers. Microsoft Article “Network Ports Used by Key Microsoft Server Products”. Microsoft Article ID 832017 “Service overview and network port requirements for the Windows Server system”.

Page

2

exe) To/from CloudStack Management Server User/Client/API to CloudStack Management Server .exe) Web-based administration console (Lmadmin.exe) Check-in/check-out of Citrix licenses (Citrix.Management Port (authenticated communication) User/Client to CloudStack Management Server Management Port (unauthenticated communication) CloudStack Management Server to vCenter CloudStack Management Server to KVM CloudStack Management Server to XenServer CloudStack Management Server to MySQL CloudStack Management Server to DNS CloudStack Management Server to SSVM SSVM to CloudStack Management Server SSVM to HTTP(s) File Share to download VM Image SSVM to NFS SSVM to DNS CloudStack Management Server to Console Proxy VM Console Proxy VM to CloudStack Management Server Console Proxy VM to DNS CloudStack Management Server to Virtual Router Virtual Router to CloudStack Management Server Virtual Router to DNS CloudStack Management Server to NFS (initial deployment of SSVM and CPVM Communication with Merchandising Server Access to applications and virtual desktops Access to applications and virtual desktops Independent Management Architecture (IMA) Citrix Management Consoles Common Citrix Communication Ports Citrix Receiver ICA / HDX Session Reliability IMA Management Console TCP TCP TCP TCP TCP 80/443 1494 2598 2512 2513 Page 3 .Ports by Product Component Citrix License Server License Manager Daemon Citrix Vendor Daemon License Management Console CloudStack CloudStack Management Server User/Client/API User/Client vCenter KVM XenServer MySQL DNS Secondary Storage Virtual Machine (SSVM) TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP Console Proxy VM TCP TCP TCP Virtual Router TCP TCP TCP NFS TCP 9090 + 8250 8080 8096 443 22 22/80/443 3306 53 3922 8250 80/443 111/2049 53 3922 8250 53 3922 8250 53 111/2049 (bi-directional) Type TCP TCP TCP Port 27000 7279 8082 Details Handles initial point of contact for license requests (Lmadmin.

1 Communication between Desktop Director and Virtual Desktop Agent for WinRM 2. Note: Named instance connection requires UDP 1434 SMB HTTP/S 445 80/443 11168 1433 1434 Power & Capacity Management Agent Database TCP TCP TCP XenDesktop Virtualization Infrastructure Citrix XenServer Microsoft Hyper-V VMware vSphere Broker Active Directory Identity Service Configuration Service Host Service Machine Creation Service Machine Identity Service License Configuration Service Desktop Director Virtual Desktop Agent 5 TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP UDP TCP TCP Virtual Desktop Agent (previous versions) TCP 80/443 8100 443 80/443 80 80 80 80 80 80 80/443 80 135 3389 16500 16509 80 5985 8080 Communication between Desktop Delivery Controller and Virtual Desktop Agent Communication between Desktop Director and Virtual Desktop Agent for Remote Assistance Used port range for HDX Audio Communication between Desktop Director and Virtual Desktop Agent for WinRM 1.0 Communication between Desktop Delivery Controller and Virtual Desktop Agent Communication with XenServer infrastructure SCVMM Administrator Console VMware Web Services communication Used by process BrokerService.SdkWcfEndpoint.exe Used by Citrix.MachineCreation.Host.ADIdentity.LicensingConfig.exe for WCF communications to VDA.exe Used by Citrix.exe Page 4 .exe Used by Citrix.Component Application / Desktop Request STA XenApp Offline Plug-in Type TCP TCP Port 80/8080/443 80/8080/443 Details XML Service Secure Ticketing Authority (embedded into XML Service) Communication with Application Hub (File Server / Share) Communication with Application Hub (Web Server / File Server / Share) Communication with Concentrator Microsoft SQL Server Microsoft SQL Server.exe Used by Citrix.SdkWcfEndpoint.SdkWcfEndpoint.MachineIdentity.exe Used by Citrix.Configuration.SdkWcfEndpoint. XML Service Used by Citrix.SdkWcfEndpoint.SdkWcfEndpoint. SDK.

exe for communicating with Broker Microsoft SQL Server Microsoft SQL Server.Component Citrix Desktop Service Database Type TCP TCP TCP Port 80 1433 1434 Details Used by process WorkstationAgent. Note: Named instance connection requires UDP 1434 SSH Management using XenAPI VNC for Linux Guests RDP for Windows Guests SSH Management using XenAPI NTP DNS Active Directory ISO Store: NetBIOS Session Service ISO Store: Microsoft-DS iSCSI Storage NFS Storage SOAP over HTTP StorageLink Gateway traffic End device communication with Lab Manager Server User interface RDP for Windows Guests VNC for Linux Guests Connections for XenServer Connections for Microsoft Hyper-V Server Discovery ports for VMAgent Secure (HTTPS) Server Discovery ports for VMAgent LDAP LDAP over SSL (LDAPS) End device communication with StageManager Server User interface RDP for Windows Guests VNC for Linux Guests Connections for XenServer XenServer XenCenter TCP TCP TCP TCP Resource Pool Infrastructure TCP TCP TCP/UDP TCP/UDP TCP TCP/UDP TCP/UDP Storage TCP TCP TCP Lab Manager End-Device to Lab Manager Server User Interface End-Device to Virtual Machines End-Device to Virtualization Host VMAgent to Lab Manager Server TCP TCP TCP TCP TCP TCP/UDP TCP Lab Manager Server to Active Directory StageManager End-Device to StageManager Server User Interface End-Device to Virtual Machines End-Device to Virtualization TCP TCP TCP TCP 9443 3389 5900 5900 – 5999 TCP TCP 8443 3389 5900 5900 – 5999 2179 35110 35112 8443 389 636 22 443 5900 3389 22 443 123 53 389 139 445 3260 2049 21605 Page 5 .

update.)/Fault Management/Administration/ Configuration Management modules Used specifically by Configuration Management module while executing/scheduling tasks Used when you execute the Invoke NSCLI option. TCP TCP 9094 1099/6010 Page 6 . The ping is the SNMP ping. right click under Map Between Command Center Server and NetScaler.Component Host VMAgent to StageManager Server Type TCP TCP/UDP TCP Port 2179 35110 35112 9443 389 636 21605 1433 Details Connections for Microsoft Hyper-V Server Discovery ports for VMAgent/GuestAgent Secure (HTTPS) Server Discovery ports for VMAgent/GuestAgent LDAP LDAP over SSL (LDAPS) Communication of StorageLink Manager to StorageLink Service Microsoft SQL Server StageManager Server to Active Directory StorageLink StorageLink Service Database Administration SSH HTTP/S Java Authentication LDAP TCP TCP TCP TCP NetScaler / Access Gateway Enterprise Edition TCP TCP TCP TCP TCP/UDP TCP/UDP TCP RADIUS DNS High Availability TCP/UDP TCP/UDP UDP TCP TCP TCP TCP Command Center TCP TCP 22 80/443 3008 3010 389 636 3268 1812 53 3003 3008 3009 3010 3011 9091/9092/ 9094 9091/9092 CLI Administration (encrypted) GUI Administration GUI Administration (encrypted ) GUI (no encryption) LDAP connection LDAP SSL connection LDAP connection to Global Catalog RADIUS connection DNS name resolution Exchange of Hello packets for communicating UP/DOWN status (heartbeat) Secure High Availability configuration synchronization Secure command propagation and MEP High Availability configuration synchronization plus web-logging and audit server logging Command propagation and MEP For opening TCP communication between client and the server Ports are used to refresh. Under Device. etc. and query objects pertaining to Discovery (Maps/Devices.

5) AAC IMA-based communication TCP TCP 443 80/443 TCP Port used for connecting to an Access Gateway Deployment Communication between Access Gateway Standard and Advanced Access Control Server Page 7 .0 Client Connections Citrix Access Controller Administration Appliance Controller Authentication LDAP RADIUS DNS Appliance Failover TCP TCP/UDP TCP/UDP TCP 389 1812 53 694 LDAP connection RADIUS connection DNS name resolution Communication between Access Gateway appliances TCP TCP 443 2513 Administration Website IMA-based communication TCP TCP 443 80/443/9002 TCP Port used for connecting to an Access Gateway Deployment Communication between Access Gateway and Access Control Server 51 500 IPSec Authentication Header (AH) traffic Internet Key Exchange (IKE/ISAKMP) negotiation Type Port Previous versions of Access Gateway Standard / Advanced Edition Client Connections Advanced Access Control (AAC) Administration Appliance TCP TCP TCP AAC Authentication LDAP RADIUS DNS Branch Repeater Administration TCP 80/443 Citrix Repeater Console TCP TCP/UDP TCP/UDP 389 1812 53 LDAP connection RADIUS connection DNS name resolution TCP 9001 9002 9005 2513 Administration Website Administrative Desktop (until 4. IPSec Encapsulating Security Protocol (ESP) traffic Cloud Bridge TCP 50 TCP UDP Access Gateway 5. then only 8443 port needs to be open between client and Command Center server. Citrix recommends using an HTML client as much as possible.Component Details Connect SSH/SFTP to the NetScaler device from TCP 22 Command Center Server SNMP Polling to NetScalers and TRAPs from UDP 161/162 NetScaler to Command Center Note: If you use an HTML client.

139 389 636 3268 3269 524 Broadcast 67 68 69 54321 54322 389 1433 Novell File Share Provisioning services PXE DHCP TCP/UDP UDP UDP TFTP Console Active Directory Database UDP TCP TCP TCP Page 8 . Communication with Management Console and Password Manager Agent (non-IMA) CIFS NetBIOS LDAP connection LDAP SSL connection LDAP connection to Global Catalog LDAP SSL connection to Global Catalog ZENworks communication Target devices PXE booting from network Client broadcast/communication with DHCP server(s) DHCP server(s) communication with client See note below for required DHCP options Trivial File Transfer (TFTP) SOAP Service Communication with Active Directory services Microsoft SQL Server TCP/UDP TCP/UDP TCP/UDP TCP/UDP TCP TCP 445 135 .Component Appliance to Appliance Client to Appliance EdgeSight Agent Type TCP TCP TCP TCP TCP Port 3389 N/A 443 80/443 9036 9035 1433 8443 5060 443 389 N/A 443 Details RDP connection to server console (Windows) Pass through of native application ports Client to Appliance communication Communication with EdgeSight Server for payloads and alerts EdgeSight Agent internal communication (clientside database) Communication with RSCorSvc on EdgeSight Agent Microsoft SQL Server PSync Web Console Database EasyCall EasyCall Client EasyCall Gateway Admin Console LDAP PBX Password Manager Password Manager Service Credential Store on Network File Share Active Directory TCP TCP TCP TCP TCP TCP TCP TCP EasyCall Gateway communicates with the SIP trunk over port 5060 Administration of EasyCall Active Directory/LDAP The PBX port depends on the vendor and varies.

prior to version 6.0 and later Inter-server communication.0 Target Device logon at Provisioning services Target Device communication with its Write Cache Required DHCP options: 66 = TFTP Server Name (Bootstrap Protocol Server) 67 = Bootfile Name (Bootstrap Protocol Client) TCP/UDP TCP 80/443 1433 SmartAuditor components connecting to SmartAuditor Broker Microsoft SQL Server Provides reliable transport of data from SmartAuditor Agent to SmartAuditor Server using an MSMQ private message queue named CitrixSmAudData TCP/UDP TCP TCP TCP TCP UDP TCP 1801 2101 2103 2105 2107 3527 135 80/443 8010 1433 80/443/8200 MSMQ MSMQ-DCs MSMQ-RPC MSMQ-RPC MSMQ-Mgmt MSMQ-Ping RPC Secured connections Connection to remote runtime Microsoft SQL Server Contacting GoToMeeting service broker using the Endpoint Gateway (EGW) SmartAuditor Components (Agent / Player) Database Microsoft Message Queuing (MSMQ) MSMQ Service (default) MSMQ Service HTTP/S Workflow Studio Console Database Citrix Online Products GoToMeeting GoToWebinar GoToMyPC GoToAssist TCP TCP TCP TCP Page 9 . Provisioning services Streaming Service Inter-server communication.Component Target Devices Streaming Services Server Communication Boot Login Write Cache Note: Type UDP UDP UDP UDP UDP UDP Port 6901 6910 – 6930 6890 – 6904 6905 – 6909 6910 10802 10803 Details Default port for Target Devices. version 6.

By Port Port 22 Product CloudStack Component KVM XenServer 22 NetScaler / Access Gateway Enterprise Edition XenServer SmartAuditor NetScaler / Access Gateway Enterprise Edition NetScaler / Access Gateway Enterprise Edition Access Gateway 5.0 Branch Repeater Citrix Online Products DNS DNS Infrastructure DHCP DHCP TFTP Citrix Access Controller Administration GoToMeeting GoToWebinar GoToMyPC GoToAssist SSVM XenServer Type TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP/UDP TCP TCP TCP TCP TCP/UDP TCP/UDP TCP/UDP UDP UDP UDP TCP TCP TCP Details CloudStack Management Server to KVM CloudStack Management Server to XenServer Connect SSH/SFTP to the NetScaler device from Command Center Server CLI Administration (encrypted) SSH SSH Secured connections IPSec Encapsulating Security Protocol (ESP) traffic IPSec Authentication Header (AH) traffic DNS name resolution Console Proxy VM to DNS CloudStack Management Server to DNS SSVM to DNS Virtual Router to DNS DNS name resolution DNS name resolution DNS DHCP Option for TFTP Server Name (Bootstrap Protocol Server) DHCP Option for Bootfile Name (Bootstrap Protocol Client) Trivial File Transfer Communication between Access Gateway and Access Control Server Citrix Repeater Console Contacting GoToMeeting service broker using the Endpoint Gateway (EGW) SSVM to HTTP(s) File Share to download VM Image CloudStack Management Server to XenServer 80 CloudStack TCP TCP Page 10 .0 CloudStack Command Center SSH administration 22 43 50 51 53 53 Resource Pool XenCenter MSMQ Service HTTP/S Cloud Bridge Cloud Bridge DNS Console Proxy VM DNS SSVM Virtual Router 53 53 53 67 68 69 80 80 80 NetScaler / Access Gateway Enterprise Edition Previous versions of Access Gateway Standard / Advanced Edition XenServer Provisioning services Provisioning services Provisioning services Access Gateway 5.

Host.SdkWcfEndp oint.exe Used by Citrix.By Port Port 80 Product Common Citrix Communication Ports Component Application / Desktop Request Citrix Receiver STA 80 80 80 EdgeSight NetScaler / Access Gateway Enterprise Edition Previous versions of Access Gateway Standard / Advanced Edition SmartAuditor Agent HTTP/S administration Advanced Access Control (AAC) Components (Agent / Player) Components (Agent / Player) MSMQ Service HTTP/S 80 XenApp Offline Plug-in Type TCP TCP TCP TCP TCP TCP Details XML Service Communication with Merchandising Server Secure Ticketing Authority (embedded into XML Service) Communication with EdgeSight Server for payloads and alerts GUI Administration Communication between Access Gateway Standard and Advanced Access Control Server SmartAuditor components connecting to SmartAuditor Broker SmartAuditor components connecting to SmartAuditor Broker Secured connections Communication with Application Hub (Web Server / File Server / Share) Used by Citrix.exe 80 TCP/UDP TCP/UDP TCP HTTP/S 80 XenDesktop Active Directory Identity Service Broker TCP TCP Citrix Desktop Service TCP Citrix XenServer Virtualization Infrastructure Configuration Service TCP TCP Desktop Director Host Service License Configuration Service TCP TCP TCP Page 11 .LicensingConfig.Configuration. SDK.ADIdentity.e xe Used by process BrokerService.exe Used by Citrix.SdkWcfEndpoint.exe for WCF communications to VDA.SdkWcfEndpoint.SdkWcfEndpoin t.exe for communicating with Broker Communication with XenServer infrastructure Used by Citrix. XML Service Used by process WorkstationAgent.

exe Communication between Desktop Delivery Controller and Virtual Desktop Agent Communication between Desktop Director and Virtual Desktop Agent for WinRM 1.139 139 161 162 389 389 389 389 389 389 389 389 Password Manager XenServer NetScaler / Access Gateway Enterprise Edition NetScaler / Access Gateway Enterprise Edition Access Gateway 5.SdkWcfEndp oint.exe Used by Citrix.MachineIdentity.SdkWcfEndp oint.0 EasyCall Lab Manager NetScaler / Access Gateway Enterprise Edition Password Manager Previous versions of Access Gateway Standard / Advanced Edition Provisioning services StageManager Credential Store on Network File Share Infrastructure Command Center TCP/UDP TCP/UDP UDP UDP TCP TCP TCP TCP/UDP TCP/UDP TCP TCP TCP Command Center LDAP authentication LDAP Lab Manager Server to Active Directory LDAP authentication Credential Store on Active Directory LDAP authentication Active Directory StageManager Server to Active Directory Page 12 .MachineCreation.1 CloudStack Management Server to NFS (initial deployment of SSVM and CPVM SSVM to NFS NTP RPC Communication between Desktop Director and Virtual Desktop Agent for Remote Assistance NetBIOS ISO Store: NetBIOS Session Service SNMP Polling to NetScalers and TRAPs from NetScaler to Command Center SNMP Polling to NetScalers and TRAPs from NetScaler to Command Center LDAP connection Active Directory/LDAP LDAP LDAP connection LDAP connection LDAP connection Communication with Active Directory services LDAP Machine Identity Service TCP Virtual Desktop Agent 5 TCP Virtual Desktop Agent 5 TCP 111 CloudStack NFS TCP SSVM 123 135 135 XenServer SmartAuditor XenDesktop Infrastructure MSMQ Service (default) Virtual Desktop Agent 5 TCP TCP/UDP TCP TCP 135 .By Port Port Product Component Machine Creation Service Type TCP Details Used by Citrix.

By Port Port 389 443 XenServer Access Gateway 5.exe for WCF communications to VDA. SDK.0 Product Component Infrastructure Appliance administration Citrix Access Controller Client Connections 443 443 Branch Repeater Citrix Online Products Administration Client to Appliance GoToMeeting GoToWebinar GoToMyPC GoToAssist SSVM vCenter XenServer 443 Common Citrix Communication Ports Application / Desktop Request Citrix Receiver STA 443 443 443 443 EasyCall EdgeSight NetScaler / Access Gateway Enterprise Edition Password Manager Admin Console Agent HTTP/S administration Password Manager Service Type TCP TCP TCP TCP TCP TCP TCP Details Active Directory Administration Website Communication between Access Gateway and Access Control Server TCP Port used for connecting to an Access Gateway Deployment Citrix Repeater Console Client to Appliance communication Contacting GoToMeeting service broker using the Endpoint Gateway (EGW) SSVM to HTTP(s) File Share to download VM Image CloudStack Management Server to vCenter CloudStack Management Server to XenServer XML Service Communication with Merchandising Server Secure Ticketing Authority (embedded into XML Service) Administration of EasyCall Communication with EdgeSight Server for payloads and alerts GUI Administration Communication with Management Console and Password Manager Agent (non-IMA) Communication between Access Gateway Standard and Advanced Access Control Server TCP Port used for connecting to an Access Gateway Deployment Communication with Application Hub (Web Server / File Server / Share) Used by process BrokerService. XML Service 443 CloudStack TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP 443 Previous versions of Access Gateway Standard / Advanced Edition Advanced Access Control (AAC) Client Connections TCP TCP HTTP/S 443 XenApp Offline Plug-in 443 XenDesktop Broker TCP Page 13 .

right click under Map Between Command Center Server and NetScaler. Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server Microsoft SQL Server. Note: Named instance connection requires UDP 1434 TCP TCP TCP/UDP SMB TCP/UDP UDP TCP/UDP TCP TCP/UDP TCP/UDP TCP TCP TCP 1433 1433 1433 1433 1433 1433 1433 1434 EdgeSight Provisioning services SmartAuditor StorageLink Workflow Studio XenApp XenDesktop XenApp Database Database Database Database Database Database Database Database TCP TCP TCP TCP TCP TCP TCP TCP Page 14 . The ping is the SNMP ping. Under Device.0 NetScaler / Access Gateway Enterprise Edition Resource Pool XenCenter Credential Store on Network File Share Offline Plug-in Infrastructure Cloud Bridge Credential Store on Novell File Share Lab Manager Server to Active Directory LDAP authentication Credential Store on Active Directory StageManager Server to Active Directory Appliance Failover Command Center Type TCP Details Communication with XenServer infrastructure TCP TCP VMware Web Services communication Management using XenAPI Management using XenAPI CIFS Communication with Application Hub (File Server / Share) ISO Store: Microsoft-DS Internet Key Exchange (IKE/ISAKMP) negotiation ZENworks communication LDAP over SSL (LDAPS) LDAP SSL connection LDAP SSL connection LDAP over SSL (LDAPS) Communication between Access Gateway appliances Used when you execute the Invoke NSCLI option.By Port Port Product Component Citrix XenServer Virtualization Infrastructure Desktop Director VMware vSphere Virtualization Infrastructure 443 445 445 445 500 524 636 636 636 636 694 1099 XenServer Password Manager XenApp XenServer NetScaler / Access Gateway Enterprise Edition Password Manager Lab Manager NetScaler / Access Gateway Enterprise Edition Password Manager StageManager Access Gateway 5.

Note: Named instance connection requires UDP 1434 Access to applications and virtual desktops MSMQ RADIUS connection RADIUS connection RADIUS connection CloudStack Management Server to NFS (initial deployment of SSVM and CPVM SSVM to NFS NFS Storage MSMQ-DCs MSMQ-RPC MSMQ-RPC MSMQ-Mgmt Connections for Microsoft Hyper-V Connections for Microsoft Hyper-V Independent Management Architecture (IMA) IMA-based communication Citrix Management Consoles IMA-based communication Access to applications and virtual desktops Exchange of Hello packets for communicating UP/DOWN status (heartbeat) Secure High Availability configuration synchronization GUI Administration (encrypted ) Secure command propagation and MEP 1494 1801 1812 1812 1812 2049 Common Citrix Communication Ports SmartAuditor Access Gateway 5.By Port Port 1434 Product XenDesktop Component Database Type TCP Details Microsoft SQL Server.0 Common Citrix Communication Ports Previous versions of Access Gateway Standard / Advanced Edition Common Citrix Communication Ports NetScaler / Access Gateway Enterprise Edition NetScaler / Access Gateway Enterprise Edition NetScaler / Access Gateway Enterprise Edition SSVM Storage MSMQ Service (default) MSMQ Service (default) MSMQ Service (default) MSMQ Service (default) End-Device to Virtualization Host End-Device to Virtualization Host IMA Controller administration Management Console AAC administration Session Reliability High Availability TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP UDP 3008 3008 3009 High Availability Java administration High Availability TCP TCP TCP Page 15 .0 NetScaler / Access Gateway Enterprise Edition Previous versions of Access Gateway Standard / Advanced Edition CloudStack ICA / HDX MSMQ Service (default) RADIUS authentication RADIUS authentication RADIUS authentication NFS TCP TCP/UDP TCP/UDP TCP/UDP TCP/UDP TCP 2049 2049 2101 2103 2105 2107 2179 2179 2512 2513 2513 2513 2598 3003 CloudStack XenServer SmartAuditor SmartAuditor SmartAuditor SmartAuditor Lab Manager StageManager Common Citrix Communication Ports Access Gateway 5.

5999 5900 .5999 EasyCall Lab Manager StageManager XenServer Lab Manager StageManager EasyCall Gateway End-Device to Virtual Machines End-Device to Virtual Machines XenCenter End-Device to Virtualization Host End-Device to Virtualization Host Page 16 .By Port Port 3010 Product NetScaler / Access Gateway Enterprise Edition Component High Availability Type TCP Details High Availability configuration synchronization plus web-logging and audit server logging GUI (no encryption) Command propagation and MEP iSCSI Storage LDAP connection to Global Catalog LDAP connection to Global Catalog LDAP SSL connection to Global Catalog CloudStack Management Server to MySQL RDP connection to server console (Windows) RDP for Windows Guests RDP for Windows Guests Communication between Desktop Director and Virtual Desktop Agent for Remote Assistance RDP for Windows Guests MSMQ-Ping CloudStack Management Server to Console Proxy VM CloudStack Management Server to SSVM CloudStack Management Server to Virtual Router EasyCall Gateway communicates with the SIP trunk over port 5060 VNC for Linux Guests VNC for Linux Guests VNC for Linux Guests Connections for XenServer Connections for XenServer Java administration 3011 3260 3268 3268 3269 3306 3389 3389 3389 3389 NetScaler / Access Gateway Enterprise Edition XenServer NetScaler / Access Gateway Enterprise Edition Password Manager Password Manager CloudStack Branch Repeater Lab Manager StageManager XenDesktop High Availability Storage LDAP authentication Credential Store on Active Directory Credential Store on Active Directory MySQL Administration End-Device to Virtual Machines End-Device to Virtual Machines Virtual Desktop Agent 5 TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP 3389 3527 3922 XenServer SmartAuditor CloudStack XenCenter MSMQ Service (default) Console Proxy VM SSVM Virtual Router TCP UDP TCP TCP TCP TCP TCP TCP TCP TCP TCP 5060 5900 5900 5900 5900 .

Management Port (authenticated communication) XML Service Secure Ticketing Authority (embedded into XML Service) Communication between Desktop Delivery Controller and Virtual Desktop Agent Web-based administration console (Lmadmin. right click under Map Between Command Center Server and NetScaler.0 and later) Default port for Target Devices. The ping is the SNMP ping.0 Used when you execute the Invoke NSCLI option.6909 6910 6910 – 6930 7279 8010 8080 Provisioning Services Provisioning services Provisioning services Provisioning services Provisioning services Citrix License Server Workflow Studio CloudStack Server Communication Target Devices Server Communication Boot Login Streaming Services Citrix Vendor Daemon Console User/Client/API UDP UDP UDP UDP UDP TCP TCP TCP 8080 Common Citrix Communication Ports Application / Desktop Request STA TCP TCP TCP 8080 XenDesktop Virtual Desktop Agent (previous versions) License Management Console User/Client 8082 8096 Citrix License Server CloudStack TCP TCP 8100 XenDesktop Microsoft Hyper-V Virtualization Infrastructure GoToMeeting GoToWebinar GoToMyPC GoToAssist CloudStack Management Server TCP 8200 Citrix Online Products TCP Contacting GoToMeeting service broker using the Endpoint Gateway (EGW) To/from CloudStack Management Server 8250 CloudStack TCP Page 17 . Inter-server communication (version 6.exe) Connection to remote runtime User/Client/API to CloudStack Management Server . Under Device.By Port Port 5985 Product XenDesktop Component Virtual Desktop Agent 5 Type TCP Details Communication between Desktop Director and Virtual Desktop Agent for WinRM 2.Management Port (unauthenticated communication) SCVMM Administrator Console 6010 NetScaler / Access Gateway Enterprise Edition Command Center TCP 6890 – 6904 6901 6905 . Inter-server communication (prior to version 6.0) Target Device logon at Provisioning services Provisioning services Streaming Service Check-in/check-out of Citrix licenses (Citrix.exe) User/Client to CloudStack Management Server .

0 Previous versions of Access Gateway Standard / Advanced Edition Previous versions of Access Gateway Standard / Advanced Edition EdgeSight EdgeSight CloudStack NetScaler / Access Gateway Enterprise Edition Appliance administration Citrix Access Controller Appliance administration Appliance administration Web Console Agent CloudStack Management Server Command Center Command Center Type TCP TCP TCP TCP TCP Details Console Proxy VM to CloudStack Management Server SSVM to CloudStack Management Server Virtual Router to CloudStack Management Server PSync End device communication with Lab Manager Server User interface Secure (HTTPS) Server Discovery ports for VMAgent Administration Website Communication between Access Gateway and Access Control Server Administrative Desktop (until 4. update.)/Fault Management/Administration/ Configuration Management modules For opening TCP communication between client and the server Ports are used to refresh. update. etc. etc.5) AAC Communication with RSCorSvc on EdgeSight Agent EdgeSight Agent internal communication (client-side database) CloudStack Management Server For opening TCP communication between client and the server Ports are used to refresh. and query objects pertaining to Discovery (Maps/Devices.By Port Port Product Component Console Proxy VM SSVM Virtual Router 8443 8443 EasyCall Lab Manager EasyCall Client End-Device to Lab Manager Server User Interface VMAgent to Lab Manager Server 9001 9002 9002 9005 9035 9036 9090 9091 Previous versions of Access Gateway Standard / Advanced Edition Access Gateway 5.)/Fault Management/Administration/ Configuration Management modules For opening TCP communication between client and the server TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP 9092 NetScaler / Access Gateway Enterprise Edition Command Center Command Center TCP TCP 9094 NetScaler / Access Gateway Enterprise Edition Command Center TCP Page 18 . and query objects pertaining to Discovery (Maps/Devices.

35112 54321 54322 Provisioning services Provisioning services XenApp XenDesktop XenDesktop StorageLink XenServer Citrix License Server Lab Manager StageManager Provisioning services Provisioning services Write Cache Write Cache Power & Capacity Management Agent Virtual Desktop Agent 5 Virtual Desktop Agent 5 StorageLink Service Storage License Manager Daemon VMAgent to Lab Manager Server VMAgent to StageManager Server Console Console Page 19 .35112 35110 .By Port Port 9094 9443 Product NetScaler / Access Gateway Enterprise Edition StageManager Component Command Center Type TCP TCP Details Used specifically by Configuration Management module while executing/scheduling tasks End device communication with StageManager Server User interface Secure (HTTPS) Server Discovery ports for VMAgent/GuestAgent Target Device communication with its Write Cache Target Device communication with its Write Cache Communication with Concentrator Used port range for HDX Audio Used port range for HDX Audio Communication of StorageLink Manager to StorageLink Service SOAP over HTTP StorageLink Gateway traffic Handles initial point of contact for license requests (Lmadmin.exe) Server Discovery ports for VMAgent Server Discovery ports for VMAgent/GuestAgent SOAP Service SOAP Service End-Device to StageManager Server User Interface VMAgent to StageManager Server TCP UDP UDP TCP UDP UDP TCP TCP TCP TCP/UDP TCP/UDP TCP TCP 10802 10803 11168 16500 16509 21605 21605 27000 35110 .

2012 February. 2010 November.x Added ports listing by port June. 2011 January. John Scoles Date August 28.8 1. 2011 October.Revision 1. 2011 November. 2010 November. 2010 July. 2012 Page 20 .0 Update Update Update Added 1434 to XenApp and XenDesktop Updates to URLs.7 1.6 1.0 Change Description Initial document Updated By Michael Palesch Thomas Berger Tarkan Koçoğlu John Scoles John Scoles Tarkan Koçoğlu John Scoles Tarkan Koçoğlu John Scoles Steve Weizman John Scoles Fred Donovan Fred Donovan.4 1.5 1. XenDesktop. 2009 1.1 1. and NetScaler sections Changed VDA 5 HDX port type to UDP Changed Pwr Cap Mgmt port.9 2. 2010 November.3 1. 2011 September. added Command Center Added CloudStack Corrected DHCP descriptions for Provisioning Services Added ports for Provisioning Services version 6.2 1.