Welcome to Cisco Support Community. We would love to have your feedback.
For an introduction to the new site, click here. And see here for current known issues.
What ports are necessary through a firewall for a server with an agent on a DMZ. I would need CSA to CSAMC and also CSAMC to CSA.
TCP/UDP 5401 and (optional) 443 as a fallback.
If you are using the anaylsis product, you also need 5402 (at least the last time I checked).
Is this for CSA-CSAMC and CSAMC to CSA? I saw this for the CSA to CSAMC but couldn't find the CSAMC to CSA.
It's for both. This explains it pretty well:
Look at "Q. Why is the CSA unable to communicate with the CSA MC?"
They also need to be able to resolve the MC in DNS.