Ports used for administration, Ports open by default – Apple Mac OS X Server (Version 10.6 Snow Leopard) User Manual

Chapter 7

Ongoing System Management

127

You can use Workgroup Manager on a v10.6 server to manage Mac OS X clients
running the latest Mac OS X v10.5. However, after you edit a user record using
Workgroup Manager on v10.6, you can only access it using Workgroup Manager
on v10.6.

Ports Used for Administration

For Apple’s administration applications to function, the following ports must be
enabled.

Port number and type

Tool used

22 TCP

SSH command-line shell

311 TCP

Server Admin (with SSL)

625 TCP

Workgroup Manager

389, 686 TCP

Directory

80 TCP

QuickTime Streaming Management

4111 TCP

Xgrid Admin

In addition, other ports must be enabled for each service you want to run on your
server. For a port reference guide, see the online help and Mac OS X Server Resources
website at www.apple.com/server/macosx/resources/.

Ports Open By Default

After setup, the firewall is off by default in Advanced Server mode, and therefore all
ports are open. When the firewall is on, all ports are blocked except the following for
all originating IP addresses:

Port number and type

Service

22 TCP

SSH command-line shell

311 TCP

Server Admin (with SSL)

626 UDP

Serial number support

625 TCP

Remote Directory Access

ICMP incoming and outgoing

standard ping

53 UDP

DNS name resolution