Question
What ports need to be open in the firewall to resolve connection issues with the cPanel license servers?
Answer
Port 2089 outbound is the official license port. You must configure your system to permit outbound TCP connections from source ports 4 and 1020 to the destination port 2089. This will allow the server to contact the cPanel, L.L.C. license servers.
If this port fails to connect, the software will also try connecting outbound with the following ports, and so we advise that these also be opened in the firewall:
- 23
- 25
- 80
- 110
- 143
- 993
- 995
Port 2083 inbound is used to deploy the license file, so it must also be open. DNSOnly servers do not listen on port 2083, so port 2087 would need to be open for inbound traffic on those servers instead. Lastly, servers should have port 53 open outbound for TCP and UDP traffic in order to resolve the DNS for the licensing servers.
If you wish to restrict these ports, you can choose to open them only to the license server IPs. The license server IPs can be found by querying the active DNS records for auth.cpanel.net.
# dig +short auth.cpanel.net
208.74.121.82
208.74.123.3
208.74.121.86
208.74.121.85
208.74.121.83
208.74.123.2
Note: These IPs are subject to change without notice at any time.
Comments
0 comments
Article is closed for comments.