I am configuring a windows firewall to allow only traffic to and from the PI Interface/Connector and the PI Server. I am having trouble finding a guide of what ports are being used.
I am not sure if this is what you are looking for but from a command prompt you can enter 'netstat -b' and this will generate a list of processes and their corresponding IP addresses with Port numbers such as this:
TCP 192.168.6.54:49810 YOUR_HOST_SERVER_NAME_HERE:5450 ESTABLISHED [PIPerfMon.exe]
The port number for the PI Performance Monitoring Interface (aka PIPerfMon.exe) in this case is 49810.
Also, if you know the Process ID (aka PID) of the interface in question you can run this PowerShell script:
$theProcessUsingIt = Get-Process -Id 5900write $theProcessUsingIt$thePortItRunsOn = Get-NetTCPConnection -OwningProcess 5900write $thePortItRunsOn
In this case the PID is 5900 and this will generate a list of attributes and values, which will have one line of:
LocalPort : 49810
Thank you James. I think this will be helpful.
Our interfaces always connect to the PI Data Archive on port 5450 (inbound to the data archive machine), the return traffic to the interface is then on an ephemeral port (port 49810 in the case above). As most firewalls are stateful these days, typically all that is necessary is to allow communication from the interface machine to the data archive machine on port 5450, and the firewall will allow the return traffic.
Similarly our connectors communicate with the data archive on port 5450, but in addition they will also communicate with the AF server on port 5457.
This is probably because the port requirements could differ per interfaces so I would recommend you check for each interface/connector user guides for the details.
For the OPC interface, we have the following article because it's so common: 2973OSI8 - Configuring ports for DCOM for use with the OPC Interface. NAT and Firewall considerations
But the connectors with administration self-hosted web pages might require a port open for configuration as well.
Retrieving data ...