769043 RA使用的所有TCP/UDP端口号
Problem
本文的目的是为了给网络管理员参考,包含了所有由罗克韦尔自动化硬件和软件产品使用的静态TCP / UDP端口列表。
除此之外,罗克韦尔的许多软件产品依靠DCOM动态端口分配。
Solution
下表显示各个产品所使用的通信端口。此表不包括任何与罗克韦尔产品、微软Windows等一起使用的第三方产品正常运作所必需的端口。
使用任何FactoryTalk软件时(例如FactoryTalk View SE),需要注意的是,软件是运行在FactoryTalk Services Platform平台之上的。因此,在确定要打开的端口时,包括以下两个:
- 产品特定端口
- FactoryTalk Services Platform端口
|
端口 |
类型 |
协议 |
产品 |
说明 |
|
21 |
TCP |
FTP |
PowerMonitor 1000 |
Log File Retrieval |
|
23 |
TCP |
Telnet |
Trusted |
Diagnostic command line interface |
|
25 |
TCP |
SMTP |
1769-L35E , 1769-L32E, |
Outbound email only |
|
67-68 |
UDP |
DHCP/BOOTP |
1756-ENET, 1756-ENBT PowerMonitor 1000 |
Client only |
|
69 |
UDP |
TFTP |
5820-EI |
For binary download, used in conjunction with BootP |
|
80 |
TCP |
HTTP |
1756-ENET PowerMonitor 1000 |
FactoryTalk ViewPoint and VantagePoint EMI server can use any other custom assigned port |
|
123 |
UDP |
NTP, SNTP |
PowerMonitor 1000 |
Network time protocol |
|
135 |
TCP |
RPC/Endpoint Mapper |
FactoryTalk |
DCOM endpoint mapper |
|
161 |
UDP |
SNMP |
1756-ENET |
connection to SNMP daemon |
|
300-400 |
UDP |
Proprietary |
PowerMonitor 1000 |
Master/Slave configuration |
|
400-402 |
TCP |
RPC |
FactoryTalk Transaction Manager RSSQL |
Transaction Manager, Compression Server, and Configuration Server |
|
443 |
TCP |
HTTPS |
FactoryTalk ViewPoint |
When using web server with secure Certificate Web Interface and Certificate |
|
500 |
UDP |
IKE |
1756-EN2TSC |
Internet Protocol Security (IPsec) |
|
502 |
TCP |
ModbusTCP |
AADvance PowerMonitor 1000 |
Master or slave |
|
990 |
TCP |
FTPS |
PowerMonitor 1000 |
Secure file server |
|
1001-1009 |
UDP |
Proprietary |
1426 PowerMonitor 5000 |
Waveform synchronized broadcast |
|
Dynamic (1024-65535+) |
TCP |
DCOM |
FactoryTalk |
DCOM dynamic ports |
|
1089 |
TCP/UDP |
ff-annunc |
Foundation Fieldbus |
|
|
1090 |
TCP/UDP |
ff-fms |
||
|
1091 |
TCP/UDP |
ff-sm |
||
|
1132 |
TCP |
SNCP |
AADvance |
Safety Network Control Protocol, used by OPC, workbench debugger and binding networks |
|
1330 |
TCP |
rnaprpc |
FactoryTalk |
Object RPC |
|
1331 |
TCP |
rnaserv |
FactoryTalk |
Service control |
|
1332 |
TCP |
rnaserverping |
FactoryTalk |
Server health |
|
1433 |
TCP |
FactoryTalk AssetCentre (server) |
SQL Server communication (default port) |
|
|
1434 |
UDP |
FactoryTalk AssetCentre (server) |
Recommended static destination port for MSSQL to minimize the number of ports open on a firewall. See MS Knowledgebase article 287932. |
|
|
1947 |
TCP/UDP |
SafeNet Sentinel Local License Manager |
Windows Service installed by Sentinel USB HASP driver. This service is not required for USB dongle to function. For more information and to disable this service see AID-570831 |
|
|
2000 |
TCP |
Modbus RTU |
AADvance (Slave only) |
RTU packaged in serial stream. Other ports may be assigned. |
|
2010, |
UDP |
Discover tool |
AADvance |
Used to configure systems. The tool sends broadcast to 2010 and systems reply to port 2011 |
|
2222 |
UDP |
EtherNET/IP |
1756-ENBT |
I/O communications used only by products that support I/O over EtherNet/IP. |
|
2222 |
TCP |
CSP |
1785-Lxxe PowerMonitor 1000 PowerMonitor 3000 PowerMonitor 5000 |
Port 2223 is the source port for connections |
|
3060 |
TCP |
rnadirft |
FactoryTalk |
Directory Server file transfer |
|
3622 |
TCP/UDP |
ff-lr-port |
||
|
4000 |
UDP |
Peer to Peer |
Trusted |
Original simplex protocol |
|
4120 |
TCP |
RPC |
RSBizWare |
Production Server |
|
4121 |
TCP |
RPC |
RSBizWare |
Server Manager |
|
4122 |
TCP |
RPC |
RSBizWare |
PlantMetrics Server |
|
4123 |
TCP |
RPC |
RSBizWare |
Task Manager |
|
4124 |
TCP |
RPC |
RSBizWare |
Scheduler Server |
|
4125 |
TCP |
RPC |
RSBizWare |
Scheduler CTP Server |
|
4241 |
TCP |
RSLinx Enterprise |
FactoryTalk Live Data Message for RSLinx Enterprise (RSLinxNG.exe) |
|
|
4243 |
TCP |
FactoryTalk View SE HMI Tag server (CPR9 SR6 and higher) |
HMI Tag Server |
|
|
4446 |
TCP |
TCP/IP |
FactoryTalk Diagnostics (CPR9 SR3) |
See AID: 68260 for additional info |
|
5000 |
UDP |
Peer to Peer |
Trusted |
Enhanced (new) protocol |
|
5241 |
TCP |
TCP/IP |
FactoryTalk Diagnostics (CPR9 SR4 and greater) |
See AID: 68260 for additional info |
|
5450 |
TCP |
FactoryTalk Historian Site Edition, 1756-HISTx |
PI Network Manager |
|
|
5454 |
TCP |
FactoryTalk Historian Site Edition |
Analysis Framework v1.x |
|
|
5455 |
TCP |
FactoryTalk Historian Site Edition |
Analysis Framework v1.x |
|
|
5456 |
TCP |
FactoryTalk Historian Site Edition |
ACE 2 scheduler |
|
|
5457 |
TCP |
FactoryTalk Historian Site Edition |
Asset Framework Server |
|
|
5458 |
TCP |
FactoryTalk Historian Site Edition |
PI Notifications |
|
|
5459 |
TCP |
FactoryTalk Historian Site Edition |
Asset Framework to OLEDB Enterprise |
|
|
6000 |
TCP |
Workbench |
Trusted |
Online debugger |
|
6543 |
TCP |
rnaalarming |
FactoryTalk |
Alarming Server |
|
7002-7004 |
TCP |
FactoryTalk AssetCentre (default) |
FactoryTalk AssetCentre services |
|
|
7600 |
TCP |
FactoryTalk |
Event Multiplexor |
|
|
7700 |
TCP |
FactoryTalk |
Event Server |
|
|
7710 |
TCP |
FactoryTalk |
Directory Server |
|
|
7720 |
TCP |
RSView SE |
HMI Server |
|
|
7721 |
TCP |
RSView SE |
Server Framework |
|
|
7722 |
TCP |
RSView SE |
HMI Activation |
|
|
7723 |
TCP |
RSView SE |
Historical Data Log Reader |
|
|
8080 |
TCP |
HTTP |
RSBizWare |
Production Server, reports |
|
8081 |
TCP |
HTTP |
RSBizWare |
Server Manager |
|
8082 |
TCP |
TCP/IP |
FactoryTalk Diagnostics Local Reader (CPR9 SR4 and greater) |
|
|
8083 |
TCP |
HTTP |
CTP Server |
|
|
8443 |
TCP |
HTTPS |
1756-HISTx (v3.50 and higher only) |
HTTPS connection to Diagnostics interface |
|
10001 – 10006 |
TCP |
Serial data |
AADvance |
Transparent Communication Interface, where an Ethernet host can talk through AADvance to a serial port. |
|
22350 |
TCP/UDP |
TCP/IP |
FactoryTalk Activation Manager |
CodeMeter runtime server |
|
27000 – 27009 |
TCP |
TCP/IP |
FactoryTalk Activation Server; FactoryTalk Activation Manager |
See AID-35717 and AID-184922 for more Applications required to run FLEXSVR.EXE and LMGRD.EXE |
|
44818 |
TCP/UDP |
EtherNET/IP |
1756-ENBT 1756-ENET 1768-ENBT PanelView Plus |
Messaging, data transfer, upload/download, peer messaging, etc. Used largely by RSLinx. |
|
49281 |
TCP |
TCP/IP |
FactoryTalk Live Data |
HMI Tag Server |
|
55555 |
TCP |
Telnet |
AADvance from release 1.3 |
Diagnostic command line interface |
|
60093 |
TCP |
TCP/IP |
FactoryTalk Diagnostics (CPR9 SR2 and earlier) |
See AID: 68260 for additional info |
|
65207 |
TCP |
TCP/IP |
FactoryTalk VantagePoint |
Incuity Server Advertiser |
在下面的主题会看到历史端口分配列表(类似于IANA端口分配)。
Rockwell Ports
以下是由罗克韦尔软件和硬件产品定义的端口列表。
|
端口 |
协议 | 产品 |
|
21/TCP |
FTP |
PowerMonitor 1000 |
|
25/TCP |
SMTP |
Outgoing email: 1769-L35E, 1769-L32E, FactoryTalk AssetCentre, FactoryTalk Transaction Manager, RSBizWare, RSSQL, RSView Messenger |
|
67-68/UDP |
DHCP/BOOTP |
Client only: 1756-ENET, 1756-ENBT, 1756-EWEB, 1794-AENT, 1734-AENT, 1769-L35E, 1769-L32E, 1788-ENBT, 1761-NET-ENI, 1785-LXXe, 1785-ENET, 1757-L55x, 5820-EI,PowerFlex Drives, PowerMonitor 1000, PowerMonitor 3000, PowerMonitor 5000, PanelView |
|
69/UDP |
TFTP |
Used with BootP: 5820-EI |
|
80/TCP |
HTTP |
1756-ENET, 1756-ENBT, 1756-EWEB, 1756-HISTx,1794-AENT,1734-AENT,1769-L35E, 1769-L32E, 1788-ENBT,1761-NET-ENI,1785-LXXE,1785-ENET,1747-L55x,1763-L16x, PowerFlex Drives, PowerMonitor 1000, PowerMonitor 3000, PowerMonitor 5000, PanelView, RSBizWare, RSView32, FactoryTalk View SE, RSViewSE |
|
123/UDP |
NTP |
Network time Protocol: PowerMonitor 1000, PowerMonitor 3000, PowerMonitor 5000 |
|
135/TCP |
RPC/Endpoint mapper |
DCOM Endpoint Mapper: FactoryTalk, RSMACC, RSView32 RADS |
|
161/UDP |
SNMP |
1756-ENET, 1756-ENBT, 1756-HISTx, 1794-AENT, 1734-AENT, 1769-L35E, 1769-L32E, 1788-ENBT, 1761-NET-ENI, 1785-LXXE, 1785-ENET, 1747-L55x, 5820-EI, PowerFlex Drives, PowerMonitor 3000, PanelView |
|
300-400 |
Proprietary |
Master/Slave configuration for PowerMonitor 1000 |
|
400/tcp |
RSSql Transaction Manager |
|
|
401/tcp |
RSSql Compression Server |
|
|
402/tcp |
RSSql Configuration Server |
|
|
443/tcp |
HTTPS connection to Web interface |
1756-HISTx, PowerMonitor 1000 |
|
502/tcp |
ModBus TCP |
PowerMonitor 1000 |
|
990/tcp |
FTPS Secure File Transfer |
PowerMonitor 1000 |
|
1089/tcp |
ff-annunc |
FF Annunciation |
|
1089/udp |
ff-annunc |
FF Annunciation |
|
1090/tcp |
ff-fms |
FF Fieldbus Message Specification |
|
1090/udp |
ff-fms |
FF Fieldbus Message Specification |
|
1091/tcp |
ff-sm |
FF System Management |
|
1091/udp |
ff-sm |
FF System Management |
|
1330/tcp |
rnaorpc |
FactoryTalk Object RPC |
|
1331/tcp |
rnaserv |
FactoryTalk Service control |
|
1332/tcp |
rnaserverping |
FactoryTalk Server health |
|
1433/TCP |
SQL Server comms: RSMACC, FactoryTalk AssetCentre |
|
|
1434/UDP |
SQL Server destination port: FactoryTalk AssetCentre |
|
|
2221/tcp |
rockwell-csp1 |
Rockwell CSP1 |
|
2221/udp |
rockwell-csp1 |
Rockwell CSP1 |
|
2222/tcp |
rockwell-csp2 |
Rockwell CSP2 |
|
2222/udp |
rockwell-csp2 |
Rockwell CSP2 |
|
2223/tcp |
rockwell-csp3 |
Rockwell CSP3 |
|
2223/udp |
rockwell-csp3 |
Rockwell CSP3 |
|
3060/tcp |
rnadirft |
FactoryTalk Directory Server file transfer |
|
3622/tcp |
ff-lr-port |
FF LAN Redundancy Port |
|
3622/udp |
ff-lr-port |
FF LAN Redundancy Port |
|
4120/tcp |
Bizware Production Server |
|
|
4121/tcp |
Bizware Server Manager |
|
|
4122/tcp |
Bizware PlantMetrics Server |
|
|
4123/tcp |
Bizware Task Manager |
|
|
4124/tcp |
Bizware Scheduler |
|
|
4125/tcp |
Bizware CTP Server |
|
|
6543/tcp |
RnaAlarmingService |
FactoryTalk Alarming Server |
|
7002/TCP |
FactoryTalk AssetCentre services |
|
|
7003/TCP |
FactoryTalk AssetCentre services |
|
|
7004/TCP |
FactoryTalk AssetCentre services |
|
|
7600/tcp |
FactoryTalk Event Multiplexor |
|
|
7700/tcp |
FactoryTalk Event Server |
|
|
7710/tcp |
FactoryTalk Directory Server |
|
|
7720/tcp |
RSViewSE HMI Server |
|
|
7721/tcp |
RSViewSE Server Framework |
|
|
7722/tcp |
RSViewSE HMI Activation |
|
|
7723/tcp |
RSViewSE HMI Historical Data Log Reader |
|
|
8080/tcp |
Bizware HTTP Product Server, 1756-HISTx |
|
|
8081/tcp |
Bizware HTTP Server Manager |
|
|
8083/tcp |
Bizware HTTP CTP Server |
|
|
8443/tcp |
1756-HISTx |
|
|
27000/tcp |
FlexLM Server |
|
|
27001/tcp |
FlexLM Server |
|
|
27002/tcp |
FlexLM Server |
|
|
27003/tcp |
FlexLM Server |
|
|
27004/tcp |
FlexLM Server |
|
|
27005/tcp |
FlexLM Server |
|
|
27006/tcp |
FlexLM Server |
|
|
27007/tcp |
FlexLM Server |
|
|
27008/tcp |
FlexLM Server |
|
|
27009/tcp |
FlexLM Server |
|
|
44818/tcp |
rockwell-encap |
Rockwell Encapsulation |
|
44818/udp |
rockwell-encap |
Rockwell Encapsulation |
Additonal port information
To determine if ports are open or locked down you can run the Port Probe utility attached to the following 39459 – TCP Port Probe Utilty.
For TCP/UDP ports used by GuardPLC products, see 59004 – TCP/UDP ports used by GuardPLC products.
For TCP/UDP ports used by PanelView Plus 6 and PanelView Plus 7 terminals, see726502 – TCP and UDP Ports used by PanelView Plus 6 and PnaelView Plus 7 Terminals.
For information on 1756-EN2T TCP port ranges see 606559 – TCP and UDP Ports Used by 1756 EtherNet/IP Modules
For information on how to manually open TCP/UDP ports, refer to 59857 – How to manually open TCP/UDP ports.
坐等大佬D盘更新,祝大佬全家福寿安康
有公众号之类的吗,之前这个网站打不开了
[…] 关于使用Change…
[…] 关于使用Functi…
谢谢提醒,已删 :)