| Source | Destination | Protocols | Ports | Description |
|---|---|---|---|---|
RAS Connection Broker
AD DS controllers
TCP
TCP
TCP,UDP
UDP
389, 3268
636, 3269
88
53
LDAP
LDAPS
Kerberos
DNS
RAS Connection Broker
TCP
20001
20030
Redundancy service.
Communication between RAS Connection Brokers running in the same site.
Parallels Licensing Server
TCP
443
RAS Connection Broker (primary Connection Broker in Licensing Site) communicates with Parallels Licensing Server (https://ras.parallels.com).
Note: Not required for Tenant Broker RAS Connection Broker (see the Tenant Broker section).
RAS Performance Monitor
TCP
8086
Agent (Telegraf service) sends collected performance data to InfluxDB.
RAS RD Session Host Agent
TCP, UDP
30004
Server for Connection Broker requests.
RAS Provider Agent
TCP, UDP
30006
Provider Agent communication port.
RAS Remote PC Agent
TCP, UDP
30004
Remote PC Agent Communication Port (agent state, counters and session information)
2FA Server(s)
TCP, UDP
8080, 80
1812, 1813
Deepnet/ Safenet
Radius
RAS Enrollment Server
TCP
30030
RAS Connection Broker Sends RAS Enrollment Server connection Request
RAS Reporting
TCP
30008
Master RAS Connection Broker communicates with RAS Reporting (installed on the same host as SSRS).
RAS Remote Installer Service
TCP
30020
Remote agent pushing
RAS RD Session Host Agent
RAS Guest Agent
RAS Remote PC Agent
RAS Connection Broker
RAS Secure Gateway
RAS Enrollment Server
TCP
135, 445, 49179
Remote Install Push/Takeover of Software
SMTP
TCP
587
Notifdispatcher is the service which sends the emails using port specified in the Mailbox settings (+SSL/TLS)
Let's Encrypt Service
TCP
80, 443
Communication between the Let's Encrypt client (available in the primary Connection Broker) and a Let's Encrypt server.