Open Ports in GigaVUE‑FM

GigaVUE‑FMOpen Ports

The following table provides information about the ports:

Inbound

Protocol	Port Number	Service	Source CIDR	Purpose
TCP	22	SSH	Administrator Subnet	Allows CLI access to user-initiated management and diagnostics.
TCP	443	HTTPS	Administrator Subnet / GigaVUE-OS / Cloud Fabrics	Allows GigaVUE-FM to accept Management connection using REST API from user and Gigamon devices. Allows users to access GigaVUE-FM UI securely through an HTTPS connection.
TCP	514	Syslog	GigaVUE-OS Node	Allows GigaVUE-OS node to send syslog message to GigaVUE-FM over TCP.
UDP	514	Syslog	GigaVUE-OS Node	Allows GigaVUE-OS node to send syslog message to GigaVUE-FM over UDP.
UDP	162	SNMP	GigaVUE-OS Node	Allows GigaVUE-OS node to send SNMP events to GigaVUE-FM over UDP.
UDP	2056	FluentD	GigaVUE-OS Node / GigaVUE V Series	Allows GigaVUE-OS / GigaVUE V Series nodes to send Application Intelligence monitoring reports.
UDP	2096	FluentD	GigaVUE-OS Node	Allows GigaVUE-OS node to send Basic Inline SSL Session Stats.
UDP	2097	FluentD	GigaVUE-OS Node	Allows GigaVUE-OS node to send Advanced Inline SSL Session Stats.
TCP	5671	RabbitMq	Cloud Fabric Nodes	Allows Cloud Fabric nodes to send health events, solution status, statistics, and other notifications.
TCP	9600	StepCA	Cloud Fabric Nodes	Allows Cloud Fabric nodes to configure and renew the certificates.

Note:For FMHA, it is essential to open all the previously mentioned ports from GigaVUE‑OS to every GigaVUE‑FM node.

Outbound

Protocol	Port Number	Service	Source CIDR	Purpose
TCP	389	LDAP	GigaVUE‑FM	Allows GigaVUE‑FM to reach the LDAP server for authentication. Required only if the LDAP is configured for FM user authentication.
TCP	636	LDAP SSL	GigaVUE‑FM	Allows GigaVUE‑FM to reach the LDAP server over SSL for authentication. Required only if the LDAP is configured for FM user authentication.
UDP	1812	RADIUS (RFC 2865)	GigaVUE‑FM	Allows GigaVUE-FM to reach the RADIUS server for authentication. Required only if the RADIUS is configured for FM user authentication.
TCP	49	TACACS	GigaVUE‑FM	Allows GigaVUE‑FM to reach the TACACS server for authentication. Required only if the TACACS is configured for FM user authentication and TACACS uses TCP..
UDP	53	DNS	GigaVUE‑FM	Allows GigaVUE‑FM to reach the DNS server for name resolution.
UDP	68	DHCP	GigaVUE‑FM	Allows GigaVUE‑FM to reach the DHCP server for network configuration.
UDP	123	NTP	GigaVUE‑FM	Allows GigaVUE‑FM to reach the NTP server for time synchronization.

Open Ports for Communication between members of GigaVUE‑FM High Availability Cluster

The following table lists the ports that must be open for communication between the members of GigaVUE‑FM High Availability cluster:

Note: These ports cannot be accessed by standalone GigaVUE‑FM instances.

Direction	Protocol	Port Number	Service	Source CIDR	Purpose
Bidirectional	TCP	443	HTTPS	GigaVUE‑FM	REST API communication between HA members.
Bidirectional	TCP	8300	Consul	GigaVUE‑FM	RPC communication between Consul members.
Bidirectional	TCP	8301	Consul	GigaVUE‑FM	Heartbeat and Gossip between Consul members.
Bidirectional	UDP	8301	Consul	GigaVUE‑FM	Heartbeat and Gossip between Consul members
Bidirectional	TCP	8302	Consul	GigaVUE‑FM	Heartbeat and Gossip between Consul members over WAN.
Bidirectional	UDP	8302	Consul	GigaVUE‑FM	Heartbeat and Gossip between Consul members over WAN.
Bidirectional	TCP	27071	MongoDB	GigaVUE‑FM	Used for data replication across HA members and data access through GigaVUE‑FMCLI.
Bidirectional	TCP	9300	OpenSearch	GigaVUE‑FM	Used for data replication across cluster members.
Bidirectional	TCP	30865	CSync2	GigaVUE‑FM	Used for the Synchronization of files / directories across HA members. For example, Image files during GigaVUE‑FM HA Upgrade.
Bidirectional	TCP	24224	FluentD	GigaVUE‑FM	Used for receiving / forwarding the packets from / to other HA members.
Bidirectional	UDP	24224	FluentD	GigaVUE‑FM	Used for receiving / forwarding the packets from / to other HA members.