Control Room ports, protocols, and firewall requirements

View the default and configurable firewall, port, and protocol requirements for Automation Anywhere deployment.

Add Automation Anywhere to the Windows Firewall exception list. Follow the steps as directed by Microsoft for your Windows version.

Configure the firewall rules for Control Room and Enterprise Client, that includes Bot Creator and Bot Runner activity. The following tables list required ports and their use.

Enterprise Client required ports

Protocol Ports Rule
TCP 943 and 4530 Client inbound

Used for client internal communication

SMTP 1 through 65535 Client SMTP outbound

The destination SMTP port can be manually configured

RDP 3389 Client inbound

Control Room required ports

Important: It is critical that communication between the Control Room servers is properly protected. These Control Room servers contain security sensitive information that is not encrypted. Therefore, excepting the Control Room servers, block all other network hosts from accessing the listed Automation Anywhere cluster communication ports.
Note: The open ports listed here do not include ports that are inaccessible to remote hosts, as they are bound to the local host and typically dynamically assigned.

The following table lists the open port requirements. Unless noted, open the inbound ports on the Control Room server.

Protocol Incoming Port Usage What's Connecting
HTTP 80 HTTP

Web browsers

Bot Runners

Bot Creators

HTTPS 443

HTTPS and

Web Socket

Web browsers

Bot Runners

Bot Creators

TCP 1433 Microsoft SQL Server Control Room Services

Bot Insight services

TCP 5672 Cluster Messaging Control Room Services
TCP 47500 – 47598

Cluster Messaging and

Caching

Control Room Services
TCP 47100 – 47200

Cluster Messaging and

Caching

Control Room Services

Open ports on both the Control Room and the IQ Bot servers

HTTP 47599 Elasticsearch Control Room Services
TCP 47600 Elasticsearch Control Room Services

Data center ports and protocols for Automation Anywhere Enterprise

Configure each of the data center components that are required for Control Room integration.

Data center components labeled with port numbers for communications with Control Room

Default ports are listed for illustration purposes. Some ports can have alternative port numbers specified during Control Room installation. Some port numbers can be modified after Control Room installation. Active Directory ports are listed as an example of an enterprise identity management.

Data center object Port default Protocol default Notes
Load balancer 443 HTTPS and web socket

80

HTTP

Firewall 443 HTTPS and web socket

80

HTTP

Enterprise identity management

Example: Active Directory ports

389 TCP (LDAP)

636

TCP (LDAP SSL)

3268

TCP (LDAP Global controller)

3269

TCP (LDAP Global controller SSL)

88

TCP and UDP (Kerberos)

Subversion server 443 HTTPS and web socket Change default from Control Room Settings page.

80

HTTP

Microsoft SMB file share 445 TCP
Postgre SQL 5432 TCP Override default at Control Room installation.
Microsoft SQL database server 1433 TCP Override default at Control Room installation.
Oracle database server 1521 TCP Override default at Control Room installation.

Microsoft Azure supported data center elements

Data center object Version Configuration
Control Room operating system

Windows Server 2016

Windows Server 2019

Windows Server 2012 R2

IaaS

Enterprise Client operating system

Windows Server 2016

Windows Server 2019

Windows Server 2012 R2

IaaS

Identity management: Azure Active Directory

Azure Active Directory

IDaaS

Windows 2016 for IaaS

SMB File Share Azure File Share PaaS or IaaS
Load Balancer Azure Load Balancer PaaS
PostgreSQL server Azure PostgreSQL (9.5.14 and SSL Disabled) PaaS or IaaS
Microsoft SQL server

Azure SQL Database (Microsoft SQL Azure (RTM) - 12.0.2000.8) (PaaS)

  • Azure SQL database includes both single databases and databases deployed to an elastic pool.
  • Microsoft SQL Server 2016 or 2017 supports (IaaS)

PaaS

Subversion server Bitnami Subversion 1.10.0-0 (Linux) IaaS

Microsoft Azure security policy recommended ports

Data center object Port Protocol
Control Room 80, 443 Any
Azure Active Directory 53, 389 Any
LDAP 3268, 3269 Any
email SMTP 587 Any
SSH 22 Any
RDP 3389 TCP

Email server browser ports

When creating bots, use the listed ports and SMTP host names.

Server Host Name Supported Ports
Outlook/Office 365 smtp-mail.outlook.com 25, 587
Gmail smtp.gmail.com 465, 587
Yahoo smtp.mail.yahoo.com 25, 465
Hotmail smtp.live.com 587
Enterprise Client client_host_name 1 - 65535