Cisco Identity Services Engine Installation Guide, Release 3.5

Monitoring node ports

Updated: May 28, 2026

Want to summarize with AI?

Overview

Lists the TCP and UDP ports required to facilitate data collection, logging, and reporting services on the Cisco ISE Monitoring node.

The Monitoring node is important for collecting, storing, and analyzing logs and reports from across your Cisco ISE deployment. To ensure the accurate aggregation of data and the timely generation of system reports, specific ports must be configured to allow communication between the Monitoring Node and other nodes in the cluster.

This table specifies the port requirements essential for maintaining visibility and operational reporting on the Cisco ISE Monitoring node.

Table 1. Ports used by monitoring nodes
Cisco ISE service	Ports on Gigabit Ethernet 0 or Bond 0	Ports on other Ethernet interfaces (Gigabit Ethernet 1 to 5, or Bond 1 and Bond 2)
Administration	HTTPS uses TCP port 443 SSH Server uses TCP port 22	Not applicable
Monitoring	Simple Network Management Protocol (SNMP): SNMP uses UDP port 161. This port is route-table-dependent. ICMP
Logging	Syslog uses UDP port 20514 and TCP port 1468 Secure Syslog uses TCP port 6514 Default ports are configurable for external logging. SMTP uses TCP port 25 for email of alarms SNMP traps use UDP port 162
External identity sources and resources (Outbound)	Admin user interface and endpoint authentications: LDAP uses TCP ports 389 and 3268, and UDP port 389 SMB uses TCP port 445 KDC uses TCP port 88 and UDP port 88 KPASS uses TCP port 464 WMI uses TCP port 135 ODBC: The ODBC ports are configurable on the third-party database server. Microsoft SQL uses TCP port 1433 Sybase uses TCP port 2638 PostgreSQL uses TCP port 5432 Oracle uses TCP ports 1521, 15723, and 16820 NTP uses UDP port 123 (localhost interfaces only) DNS uses UDP port 53 and TCP port 53 For external identity sources and services reachable only through an interface other than Gigabit Ethernet 0, configure static routes accordingly.
Ports used for inbound communication	These ports are required in all types of deployments regardless of being on-premises or in the cloud. MnT node REST APIs: TCP 9443. This allows inbound API requests for monitoring and troubleshooting. Policy Administration Node (PAN) to MnT: TCP 1521. This enables communication from the PAN to MnT nodes. OpenAPIs: TCP 443, TCP 9070. These provide access to OpenAPI interfaces for integration. ERS APIs: TCP 443, TCP 9060. These ports facilitate inbound API requests through ERS interfaces.
Bulk download for pxGrid	TCP ports 9993, 2000

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.