ArcGIS Server uses certain ports to communicate with machines on the internet and intranet. Below is a description of the ports that you may need to allow on your firewall.
HTTP port 6080
ArcGIS Server communicates through port 6080, and you must ensure that your firewall allows HTTP communication through this port. If you don't want users of the server to know about or include port 6080 in their requests, the recommended action is to install the ArcGIS Web Adaptor. See About the ArcGIS Web Adaptor to learn more.
HTTPS port 6443
When HTTPS is enabled, ArcGIS Server uses port 6443 by default.
ArcGIS Server uses three ports for communication between ArcGIS Server machines. When you create or join a site, these are assigned to ports 4000–4002. If any of those ports are in use by other applications, those ports are skipped and a corresponding number of additional ports are used beyond 4002.
You must ensure that your firewall allows communication with other ArcGIS Server machines through three ports beginning with 4000 and not counting any port currently in use by another application.
You can use the ArcGIS Server Administrator Directory to see where the ports were assigned (and thus which ports you should open on your firewall). Click machines > <Machine Name> > Ports to see the port assignments. Notice that the ports are named according to their function. The port names do not have to match the port numbers between ArcGIS Server machines. For example, the NamingPort may be 4003 on one ArcGIS Server and 4006 on a different ArcGIS Server.
Use a different set of port numbers
If you want ArcGIS Server to use a different set of port numbers, log in to the Administrator Directory and click machines > <Machine Name> > edit. In the list of ports, type the new port numbers you want to use and click Save Edits. You can do this on each ArcGIS Server machine participating in the site.
Cluster ports (4004 and above)
Each cluster on your site uses a unique port. This port must allow communication from all machines in the cluster. In a typical site, the default cluster uses port 4004 (unless any of the ports in the previous section are assigned to 4004).
Whenever you create a cluster, you must specify the cluster port or accept the default, which is the next available port above 4004.
When you view a cluster in the Administrator Directory, you can see which port it is using. Just click clusters, and click the name of your cluster.
Internally used ports (1098, 6006, 6099, others)
Ports 1098, 6006, 6099, and other random ports are used by ArcGIS Server to start processes within each ArcGIS Server machine. You do not have to open these ports for access by other machines; however, you should be aware that ArcGIS Server is using them in case you run other applications that require the same ports.
If the ArcGIS Server installation detects that one of these ports is in use, it automatically increments the port number it uses. For example, if it detects that another application is already using 1098, it uses 1099 if that port is available.
When ArcGIS Server is installed on a server machine, avoid using your firewall to obstruct internal communication within that machine.
If restrictive firewall policies are preventing your site from being created (usually evidenced by an error message Failed to create the service 'System/CachingTools.GPServer'), you can adjust your firewall to explicitly allow the ArcGIS Server processes. For example, with Windows Firewall, you can add new inbound rules that allow the following four programs:
- <ArcGIS Server installation location>\bin\ArcSOC.exe
- <ArcGIS Server installation location>\framework\etc\service\bin\ArcGISServer.exe
- <ArcGIS Server installation location>\framework\runtime\jre\bin\javaw.exe
- <ArcGIS Server installation location>\framework\runtime\jre\bin\rmid.exe
The Windows account running ArcGIS Server must also have access to the Command Prompt.
Ports used by ArcGIS GeoAnalytics Server
If you deploy ArcGIS Server as ArcGIS GeoAnalytics Server, ports 2181, 2182, 2190, 56540-56545, and 7077 are also used for intermachine communications.