DMM-DMP communication ports

Answered Question
Aug 12th, 2010
User Badges:

Hi all,

I have a request from our client to restrict the access between the DMM and the DMPS only to the usable ports.

So i ended up to the following ports: 20,21,80,8443,443,7777,6666 all TCP ports initiating connection from the DMM to the DMPS.

I have applied the access list but it seems that i cannt push/change content to the DMPs but on the contrary, i can perform tasks on them.

Am i missing any ports here or is it using dynamic ports?

Thanking you all

Correct Answer by Tomas De Leon about 6 years 11 months ago


There is actually more ports that you need to

be aware of.  Enclosed is a more detailed




Correct Answer by Charles Little about 6 years 11 months ago

Attached is a PPT preso that lists all the ports required for DMS. I hope this is helpful.


C.O. Little

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Correct Answer
Charles Little Thu, 08/12/2010 - 05:42
User Badges:
  • Bronze, 100 points or more

Attached is a PPT preso that lists all the ports required for DMS. I hope this is helpful.


C.O. Little

Charles Little Thu, 08/12/2010 - 09:05
User Badges:
  • Bronze, 100 points or more


Excellant Doc. It would be great to get this document posted up on the site.


panayiotiscy Mon, 08/16/2010 - 02:44
User Badges:

Hi all,

I'm resuming this conversation because i'm not able to access the DMP by gui after applying the access list

So, i have permitted the communication to be:

From Admin Pc to DMPs: ports 80 and 443.

This enables me to navigate to dmp,accept the ssl certificate and login to the DMP.

Then,all i get is a blank screen on the web browser (both ie and mozilla).

Do i need to permit anything else apart from these 2 ports?

Thank you all.

Tomas De Leon Mon, 08/16/2010 - 13:44
User Badges:
  • Cisco Employee,


Remember the TCP traffic is 2-way.

Ports 80 & 443 are correct if you apply the access-list as

in & out.

The Admin device is going to use the DEST port as 80 or 443

with a SRC of something like 58xxx.   The DMP will respond

with a DEST of 58xxx and a SRC of 80 or 443.

It sounds like you are allowing 80 & 443 out but not back in...

You be able to turn on debugging on the Router for access violations

and you see what ports are failing the access list.

I hope this helps..


panayiotiscy Wed, 08/18/2010 - 23:27
User Badges:

Hi Tomas,

IT was a flash player issue!

Flash player was not installed on that computer.

The access list is testes (as stated before) and is working ok!

Thanking you


This Discussion

Related Content