Troubleshooting
Problem
This technote lists the ports required for PCAP appliance operation.
Resolving The Problem
These TCP ports are required for external access on a PCAP Master Appliance:
Table 1 PCAP Master Ports that are Required.
Port | Services and Protocols |
4477 | SSH |
443 | PCAP REST API access |
41390 | Web UI access |
41392 | PCAP REST API access |
In case of a Cluster where a Data Node is installed, these TCP ports must be opened for Data node to access a PCAP Master Appliance:
Table 2 PCAP Data Node Ports that are Required.
Port | Services and Protocols |
41391, 41393 - 41396 | Data Node send node status, License information, System Usage information, Search lists, and Search data |
41500 | Data Node send Status, license information, System usage information, Search lists, and Search data |
4477 | SSH |
5000 - 5021 | PCAP Master sends PCAP data and status requests to Data Node. |
Note: All ports that are listed in Table 2 are communication ports between the PCAP Master appliance and PCAP Data Node. These ports for a PCAP Data Node only should be open to the PCAP Master Appliance.
Where do you find more information?







[{"Product":{"code":"SSMU35","label":"IBM QRadar Network Packet Capture Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Installation","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
28 October 2020
UID
swg21999205