4 Replies Latest reply on Feb 4, 2013 3:49 PM by adamg23

    Port 3121?

    PaulFreedman Apprentice

      I've read the manual numerous times now and also the article stating Port requirements but I don't understand the usage of Port 3121. In a agent scenario it makes sense to open the port from clients to console as this is for agent communications. But what about in agentless scenarios?


      In the admin guide it states that Port 3121 is used for the Deployment Tracker....

                "The VMware vCenter Protect Patch Service listens on the same port as the other console services (TCP port 3121)"


      Int he port requirement doc it also states....

                Inbound Ports -

      Protect Console – Traffic to Shavlik NetChk Console serviceTCP 3121


      Can somebody if this port will need opening for an agentless deployment? If the console is listening on this port then do all machines connecting to the console need to have 3121 outbound enabled?





        • 1. Re: Port 3121?
          rbabcock Apprentice

          We used to have a machine in a subnet that had no rights to originate traffic to the console machine.  Scanning and deployments still worked, but the deployment tracker never saw the patches run.

          • 2. Re: Port 3121?

            The results of your deployments are sent back to the consoel machine on port 3121.  If it is not open outbound from your target machines to the console the deployment status is not going to be known for these targets on your console machine. 


            This will also mean that you would not receive Tracker updates from the Target Machine during the deployment process. 

            • 3. Re: Port 3121?
              PaulFreedman Apprentice

              If this is the case then why does the documentation http://www.shavlik.com/assets/docs/bp-prt-8-0-2.pdf pg 4 state that Port 3121 outbound from the Client is only required for Agents? This is very confusing.


              I currently only have Port 3121 inbound on my console and have tested a deploy to an agentless system in another domain, I can scant he machine and it reports missing patches and I can also track the deployment succesfully.

              • 4. Re: Port 3121?

                I confirmed with development that the deployment tracker is sending outbound on TCP 3121 so chances are that your systems are just not blocking outbound 3121. I apologize for the confusion in the documentation. I'll be escalating this as a documentation defect so the documentation should be updated in a future version.