Configuration, programming
4.2 Restricting communications services in the CPU
Protocol /
Port number (pro-
function
tocol)
Online security
8448 (TCP)
diagnostics
HTTP
80 (TCP)
HTTPS
443 (TCP)
FTP
20 (TCP)
21 (TCP)
FTPS
989 (TCP)
990 (TCP)
SNMP
161 (UDP)
* For information on avoiding opening port 102 during diagnostics, see section Online
security diagnostics via port 8448 (Page 68).
Ports of communication partners and routers
Make sure that you enable the required client ports in the corresponding firewall on the
communications partners and in intermediary routers.
These can be:
● DHCP / 67, 68 (UDP)
● DNS / 53 (UDP)
● NTP / 123 (UDP)
● SMTP / 25 (TCP) - Open in CP on block call (outgoing only)
● SMTPS / 587 (TCP) - Open in CP on block call (outgoing only)
4.2
Restricting communications services in the CPU
Communications services without connections
The CPU can be a server for a series of communications services without connections being
configured for the CPU. Other communications partners can access CPU data. This means
that it is no longer possible for the local CPU to control communication with the clients.
The reliability of these communications services is set by the "Connection mechanisms"
parameter in the "Protection & Security" parameter group of the CPU.
34
Default of the port
Port status
Closed
Open after configuration
Closed
Open after configuration
Closed
Open after configuration
Closed
Open after configuration
Closed
Open after configuration
Open
Open after configuration
Operating Instructions, 12/2019, C79000-G8976-C289-08
Authentication
No
No
Yes
No
Yes
Yes (with SNMPv3)
CP 1543-1