The following tables lists the required ports for the Cisco Prime Collaboration Assurance (PCA) to communicate with the devices and applications.
Note: 1. SNMP v3 AuthPriv is supported in Prime Collaboration 10.6 and later.
2. ICMP ping is required for all devices for checking reachability.
Devices/Applications | From (Sender) | To (Listener) | Destination Port | Purpose |
Cisco TMS | PCA | TMS | 80:TCP | To import sessions and health status (HTTP). |
PCA | TMS | 161:UDP | To poll health status (SNMP). | |
PCA | TMS | 443:TCP | To import sessions and health status (HTTPS). | |
Cisco Voice Portal | PCA | CVP | 8111:TCP | To poll health status (HTTP). |
Cisco MediaSense | PCA | Mediasense | 8448:TCP | To poll health status (HTTP). |
Unified Contact Center Enterprise | PCA | UCCE | 7890:TCP | To poll health status (HTTP). |
For Cisco Prime Collaboration Assurance 11.1 and earlier CTS-Manager (CTSMAN) | PCA | CTSMAN | 80:TCP | To import sessions and to poll health status (HTTP). |
PCA | CTSMAN | 161:UDP | To poll health status (SNMP). | |
PCA | CTSMAN | 443:TCP | To import sessions and to poll health status (HTTPS). | |
For Cisco Prime Collaboration Assurance 11.1 and earlier Cisco TP Exchange (CTX) | PCA | CTX Admin | 80.TCP | To import sessions and to poll health status (HTTP). |
PCA | CTS all servers | 161:UDP | To poll health status (SNMP). | |
PCA | CTX Admin | 443:TCP | To import sessions and to poll health status (HTTPS). | |
Cisco MCU | PCA | MCU | 80.TCP | To poll call details and health status (HTTP). |
PCA | MCU | 161:UDP | To poll health status (SNMP). | |
PCA | MCU | 443:TCP | To poll call details and health status (HTTPS) | |
For Cisco Prime Collaboration Assurance 11.1 and earlier Cisco TP Multipoint Switch (CTMS) | PCA | CTMS | 80.TCP | To poll health status (HTTP). |
PCA | CTMS | 161:UDP | To poll health status (SNMP). | |
PCA | CTMS | 443:TCP | To poll call details and health status (HTTPS) | |
Cisco TP Server (TPS) | PCA | TPS | 80.TCP | To poll health status (HTTP). |
PCA | TPS | 161:UDP | To poll health status (SNMP). | |
PCA | TPS | 443:TCP | To poll health status (HTTPS). | |
Cisco VCS | PCA | VCS | 80.TCP | To poll call details and health status (HTTP). |
PCA | VCS | 161:UDP | To poll health status (SNMP). | |
PCA | VCS | 443:TCP | To poll call details and health status (HTTPS). | |
Cisco Unified CM (CUCM) | PCA | CUCM | 22:TCP | To obtain data from CUCM using SFTP service (SFTP). |
PCA | CUCM | 80.TCP | To obtain call details from CUCM (HTTP). | |
PCA | CUCM | 161:UDP | To poll health status (SNMP). | |
PCA | CUCM | 443:TCP | To polls status and RTMT information (HTTPS). | |
PCA | CUCM | 2748:TCP | CTI application server. | |
PCA | CUCM | 2749:TCP | TLS connection between CTI application (JTAPI/TSP) and CTI manager. | |
PCA | CUCM | 2789:TCP | JTAPI application server. | |
PCA | CUCM | 8080:TCP | To determine whether the CUCM web service is running (HTTP). | |
PCA | CUCM | 8443:TCP | To polls CUCM status (HTTPS). | |
Cisco Unity Connection (CUC) | PCA | CUC | 80.TCP | To poll health status (HTTP). |
PCA | CUC | 161:UDP | To poll health status (SNMP). | |
PCA | CUC | 443:TCP | To poll health status (HTTPS). | |
Cisco Unified Presence Server (CUPS) | PCA | CUPS | 80.TCP | To poll health status (HTTP). |
PCA | CUPS | 161:UDP | To poll health status (SNMP). | |
PCA | CUPS | 443:TCP | To poll health status (HTTPS). | |
TelePresence/Video Endpoints | PCA | TP Endpoints | 22:TCP | To access endpoints during troubleshooting (SSH). |
PCA | TP Endpoints | 80:TCP | To poll device info and status and call quality stats (HTTP). | |
PCA | TP Endpoints | 161:UDP | To poll device info and status and call quality stats (SNMP). | |
PCA | TP Endpoints | 443:TCP | To poll device info and status and call quality stats (HTTPS). | |
IP Phones | PCA | IP Phones | 80:TCP | To obtain Serial Number and Load ID during discovery (HTTP). |
PCA | IP Phones | 443:TCP | To obtain Serial Number and Load ID during discovery (HTTPS). | |
PCA | IP Phones | 16384-32767:UDP | To perform phone diagnostics testing. | |
Cisco 1040 Sensor | PCA | 1040 Sensor | 2000:TCP | To communicate with Cisco 1040 server using SCCP. |
Network Devices | PCA | Network Devices | 22:TCP | To access Mediatrace initiator during troubleshooting (SSH). |
PCA | Network Devices | 23:TCP | To access Mediatrace initiator during troubleshooting (Telnet). | |
PCA | Network Devices | 80:TCP | To access Mediatrace initiator during troubleshooting (HTTP). | |
PCA | Network Devices | 161:UDP | To poll device and Medianet information (SNMP). | |
PCA | Network Devices | 443:TCP | To access Medianet initiator during troubleshooting (HTTPS). | |
LDAP/DNS/NTP/SMTP/TFTP Servers | PCA | LDAP Server | 389,636123:TCP | LDAP service. |
PCA | DNS Server | 53:TCP | DNS service. | |
PCA | NTP Server | 123:UDP | NTP service. | |
PCA | SMTP Server | 25:UDP | SMTP service. | |
PCA | TFTP Server | 69:UDP | TFTP service. | |
Assurance Server (PCA) | Cisco 1040 | PCA | 69:UDP | To download configuration file. |
Cisco 1040 | PCA | 5666:UDP | To receive syslog messages from Cisco 1040 sensors. | |
Cisco VCS | PCA | 8886:TCP | To receive feedback/notification from Cisco VCS (HTTPS). | |
Cisco VCS | PCA | 8886:TCP | To receive feedback/notification from Cisco VCS (HTTPS). | |
Endpoints (Supporting MSI) | PCA | 8885:TCP | To receive MSI notification from endpoints, which supports MSI. | |
Networking Devices | PCA | 162:UDP | To receive SNMP traps. | |
Networking Devices | PCA | 514:UDP | To receive syslogs | |
Networking Devices | PCA | 9000:UDP | To receive traps (CSListener) if port 162 is occupied. |
The following ports are used by the Prime Collaboration Assurance (PCA) server to communicate either with the client machine or for the internal use.
From (Sender) | To (Listener) | Destination Port | Purpose | Prime Collaboration Version |
PCA | - | 1018:TCP | Poller RMI port. | 9.0, 9.5, and 10.0 |
PCA | - | 1019:TCP | · Prime Collaboration 9.0, 9,5 and 10.0: Fault RMI port. · Prime Collaboration 10.5: Poller RMI port. | All versions |
PCA | - | 1024-4999 | Ephemeral ports. | All versions |
PCA | - | 5665-5684 | Inter processes communication between user interface and backend processes. | All versions |
PCA | - | 9002 | DynamID authentication | 9.0, 9.5, and 10.0 |
PCA | - | 9009 | · Default port number used by the IP telephony server for receiving traps from the device fault server. · From Prime Collaboration 10.5 release, this port is used for internal web server communication using AJP. | All versions |
PCA | - | 9822:TCP | Used for internal communication within the PCA server | All versions |
PCA | - | 40000-41000 | Used by Common Transport Mechanism for internal application messaging. | 9.0, 9.5, and 10.0 |
PCA | - | 42344 | Used by Synthetic Testing web service. | All versions |
PCA | - | 42350-42353 | Used by messaging software. | 9.0, 9.5, and 10.0 |
PCA | - | 43445 | Used by Alert History database engine. | 9.0, 9.5, and 10.0 |
PCA | - | 43446 | Used by inventory service database engine. | 9.0, 9.5, and 10.0 |
PCA | - | 43447 | Used by event processing database engine. | 9.0, 9.5, and 10.0 |
PCA | - | 43449 | Used by IP Phone Information Facility database engine. | 9.0, 9.5, and 10.0 |
PCA | - | 43459 | QOVRdatabase. | 9.0, 9.5, and 10.0 |
PCA | - | 5342 | Prime Collaboration Analytics database. If you have deployed Prime Collaboration 10.5 Analytics very large deployment, this port must be available on the Prime Collaboration Analytics database server. | 9.5 and later |
PCA | - | 5433 | Prime Collaboration Assurance database | All versions |
PCA | - | 5434 | Prime Collaboration Assurance database | 10.5 |
Client | PCA | 26:TCP | To connect to the PCA server from the client machine over SSH. | All versions |
Client browser | PCA | 80:TCP | To connect to the PCA server from the client machine over HTTPS. | Till 10.6 versions |
Client browser | PCA | 443:TCP | To connect to the PCA server from the client machine over HTTPS. | Till 10.6 versions |
Client browser | PCA | 8080:TCP | To connect to the PCA server from the client machine over HTTP. | 11.0 and later |
Client browser | PCA | 8443:TCP | To connect to the PCA server from the client machine over HTTPS. | 11.0 and later |
The following tables lists the required ports for the Cisco Prime Collaboration Provisioning server to communicate with the devices and applications.
Note: Cisco Unity is supported till Prime Collaboration Provisioning 10.6.
From (Sender) | To (Listener) | Destination Port | Purpose |
Provisioning server | Cisco Unified Presence | 8443:TCP | To communicate over HTTPS. |
Provisioning server | Cisco Unity Connection | 443:TCP | To communicate over HTTPS. |
Provisioning server | Cisco Unity Express/Cisco Unity Connection | 22:TCP | To communicate using SSH service. |
Provisioning server | Cisco Unity Express | 23:TCP | To communicate using Telnet service. |
Provisioning server | Cisco Unity | 1433:TCP | JDBC |
Provisioning server | Cisco Unity Connection | 1502,8081:TCP | JDBC |
Provisioning server | Unified CM | 80:TCP | HTTP/Apache Web Server |
Provisioning server | Unified CM | 8443:TCP | To communicate over HTTPS. |
Provisioning server | Unified CM Express | 22:TCP | To communicate using SSH service. |
Provisioning server | Unified CM Express | 23:TCP | To communicate using Telnet service. |
The following ports are used by the Prime Collaboration Provisioning servers to communicate either with the client machine or for the internal use.
From (Sender) | To (Listener) | Destination Port | Purpose |
Client browser | Provisioning server | 80:TCP | To communicate with the client machine over HTTP. |
Client browser | Provisioning server | 443:TCP | To connect to the PC Provisioning server from the client machine over HTTPS. |
Client | Provisioning server | 22:TCP | To connect to the PC Provisioning server from the client machine over SSH. |
Provisioning server | Database | 5432 (JDBC) | Used by the Postgres database. For both distributed installation (where the application and database are on separate server) and single server installation , this port must be open for inbound communication on the Provisioning Manager database server. |
Provisioning server | - | 46001 | CUPM NICE Engine (RMI) |
Provisioning server | - | 46008 | Jboss Application Server (HTTP) |
Provisioning server | - | 46009 | Jboss Application Server (AJP) |
Provisioning server | - | 46083 | Jboss Application Server (web services) |
Provisioning server | - | 46098 | Jboss Application Server (RMI) |
Provisioning server | - | 46099 | Jboss Application Server (JNP service) |
Provisioning server | - | 46444 | Jboss Application Server (JRMP) |
Provisioning server | - | 46445 | Jboss Application Server (Transaction Manager) |
Provisioning server | - | 46446 | Jboss Application Server (Remote server) |
Provisioning server | - | 46457 | Jboss Application Server (Bisocket Transport) |
Provisioning server | Troubleshooting Account UI | 28080 | It is used for Connecting to the Troubleshooting Account UI |
Provisioning server | - | 1602 | It is used for Connecting to the Nice Server |
Note: Firewalld, the default firewall in Cent OS 7 is disabled. Refer to Cent OS 7 User Guide to block any of the unused ports.