This article provides an overview of common ports that are used by Citrix components and must be considered as part of networking architecture, especially if communication traffic traverses network components such as firewalls or proxy servers where ports must be opened to ensure communication flow. Show
Not all ports need to be open, depending on your deployment and requirements. Citrix ADC
Citrix ADM
Citrix CloudThe only Citrix component needed to serve as a channel for communication between Citrix Cloud and your resource locations is Citrix Cloud Connector. All connections are established from the Cloud Connector to the cloud using the standard HTTPS port (443) and the TCP protocol. No incoming connections are accepted. Cloud Connectors must be able to connect to Digicert for certificate revocation checks.
To find the list of addresses that are common to most Citrix Cloud services and their function, refer to product documentation. Citrix DaaS
Read more about Citrix License Server integration here. Read more about Citrix Provisioning Server integration here. Read more about the CVAD Remote Powershell SDK here Citrix Gateway ServiceBy default, the Gateway Service will proxy HDX connections via the Citrix Cloud Connectors, however Rendezvous Protocol changes the flow of HDX connections in an attempt to directly connect the Virtual Delivery Agent to the Gateway Service bypassing the Citrix Cloud Connectors Rendezvous Protocol and HDX Enlightened Data Transport Protocol (EDT)
The Virtual Delivery Agents must have access to https://*.nssvc.net, including all subdomains. Or https://*.c.nssvc.net and https://*.g.nssvc.net.
Read more about Rendezvous Protocol and HDX Enlightened Data Transport Protocol (EDT) requirements here. Citrix Workspace Environment Management Service
Read more about Citrix Workspace Environment Management Service requirements here. Citrix Endpoint ManagementRefer to the following link for Citrix Endpoint Management (XenMobile) Ports – Port Requirements. Citrix Gateway
For more information about required ports for Citrix Gateway in DMZ setup, refer to CTX113250.
Citrix Hypervisor
Read more about Citrix License Server requirements here.
Citrix License Server
Citrix SD-WAN
Citrix Virtual Apps and Desktops
Read more about Citrix License Server requirements here. Citrix App LayeringRefer to the following link for Citrix App Layering ports – Firewall Ports. Federated Authentication Service
Provisioning Services
Universal Print Server
Remote PC Access
Session Recording
StoreFront
Use the following information for configuration of firewalls when you place StoreFront in its own network:
Workspace Environment Management
Read more about Citrix Workspace Environment Management requirements here. Read more about Citrix License Server requirements here. |