Firewall and communication configuration#

Before you install the server, you must ensure that servers, agents, and other systems can connect to each other through your networks and firewalls.

The following diagram shows the main default ports that are involved in communication between agents, agent relays, and the server.

A diagram of the ports that agents, agent relays, and servers use to communicate; these are the same posts in the lists above

The following diagram shows the default port numbers that HCL™ Launch uses for communication. Most of these ports can change depending on your choices at installation time. The following diagram is only a summary of the defaults.

A topology that shows the ports that each part of HCL Launch uses for communication

The server must have network access to the following ports:

As shown in the diagram, agents can connect to servers directly or through agent relays. You must ensure that the agent communication can get to the server through any firewalls or other limitations.

If your agents connect to the server through an agent relay, you must configure your networks and firewalls to allow the following communication. In this case, you install the agent relay on the same network and the same side of the firewall as the agents.

For example, if your server is on an internal network and your agents are on an external network such as a public cloud, you install the agent relay on the cloud and have the agents connect to the agent relay. Then, the agent relay connects through the firewall to the internal network.

If your agents connect directly to the server, you must configure your networks and firewalls to allow the following communication:

For more information on communication between the server, agents, and agent relays, see Agent security and communication and Agent relays.

Parent topic: Installing HCL Launch