Configure Communication Ports

Most of the communication between devices on the remote site and Aruba Central server is carried out through HTTPS Hypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer  or transport layer security protocol connection. (TCP Transmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. 443). However, verify if the ports listed in the following table that are open to allow the Aruba Central server and the managed devices to communicate over a network firewall.

The following table provides information on the various domain names and ports for Aruba Central On-Premises.

Table 1: Domain Names and Ports for Aruba Central On-Premises

Source IP/Network Destination IP/Network

Destination Port

Protocol

Purpose

Inbound Ports Traffic

Administrative workstation IP address

Aruba Central On-Premises cluster IP address

443

 

TCP, HTTPS

To access and manage Aruba Central On-Premises WebUI.

Administrative workstation IP address

All Aruba Central On-Premises node IP address

4343

TCP, HTTPS

To access the Aruba Central On-Premises setup wizard for installation.

Device IP address

Aruba Central On-Premises cluster IP address

443

TCP, HTTPS

For HTTPS and WebSocket communication between Aruba Central On-Premises and managed devices.

Device IP address

Aruba Central On-Premises cluster IP address

8211

UDP User Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. , AMON Advanced Monitoring. AMON is used in Aruba WLAN deployments for improved network management, monitoring, and diagnostic capabilities.

To receive AMON messages and view data for controllers in the Aruba Central On-Premises monitoring dashboard.

Switch IP address

Aruba Central On-Premises cluster IP address

8888

TCP, HTTP Hypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands.

For HTTP-based firmware image download for CX and PVOS switches.

Outbound Ports Traffic

All Aruba Central On-Premises node IP address

SMTP server

25, 456, or 587

TCP, SMTP

Dependent on the SMTP configuration for alerts, reports, and Aruba Central On-Premises account registration.

All Aruba Central On-Premises node IP address

NTP Network Time Protocol. NTP is a protocol for synchronizing the clocks of computers over a network.  server

123

UDP, NTP

To access user-configurable NTP server for clock synchronization. Default is ntp.ubuntu.com.

All Aruba Central On-Premises node IP address

Device IP address

161

UDP, SNMP Simple Network Management Protocol. SNMP is a TCP/IP standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. 

For SNMP and traps.

All Aruba Central On-Premises node IP address

Device IP address

162

UDP, SNMP

For SNMP and traps.

All Aruba Central On-Premises node IP address

Arubacontroller IP address

4343

TCP, HTTPS

For device bootstrap to controllers.

All Aruba Central On-Premises node IP address

nexus2.airwave.com

22

TCP, SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device.

For Aruba Central On-Premises support connection to TAC Technical Assistance Center. .

All Aruba Central On-Premises node IP address

coreupdate.central.arubanetworks.com

443

TCP, HTTPS To check and download Aruba Central On-Premises software for automatic upgrades.

All Aruba Central On-Premises node IP address

*.quay.io

443 TCP, HTTPS To check and download Aruba Central On-Premises software for automatic upgrades.

All Aruba Central On-Premises node IP address

maps.googleapis.com

443 TCP, HTTPS To translate address and map latitude/longitude.

All Aruba Central On-Premises node IP address

https://enterpriselicense.hpe.com

443 TCP, HTTPS

For Aruba Central On-Premises license enforcement.

Administrative workstation IP address

api.mapbox.com

443 TCP, HTTPS

To view maps in Aruba Central On-Premises WebUI.

Administrative workstation IP address

d1c50u1zbkqmph.cloudfront.net

443 TCP, HTTPS

For Aruba Central On-Premises WebUI static content access from CDN A Content Delivery Network (CDN) is a group of servers that are distributed geographically and speed up web content delivery by bringing it closer to the user's location. .

Administrative workstation IP address

help.arubanetworks.com

443 TCP, HTTPS

To access Aruba Central On-Premises User Guide from Aruba Central On-Premises WebUI.

The source port is always dynamic (random) for both inbound and outbound traffic.

The Aruba appliance opens multiple ports. Aruba recommends that you host the Aruba appliance behind a firewall.