Important TCP/UDP ports

Depending on the application case, unsecured protocols must be deactivated or secured by a lower-level layer, for example by a physically secured network or VPN.

In the case of secured protocols, the security must be commissioned in accordance with the product documentation.

Standard services

The table below provides an overview of the incoming ports that are open by default in the delivered images:

| Service | Ports (incoming) |
|---|---|
| IPC diagnostics | OPC UA: 4852 / tcp; https: 443 / tcp |
| Remote Desktop – RDP (Windows 7/10 only) | 3389 / tcp |
| TwinCAT ADS | Discovery: 48899 / udp (also outgoing); Not secured: 48898 / tcp (also outgoing); Secure ADS: 8016 / tcp (also outgoing) |

Further services

The table below provides an overview of frequently used services that can additionally be opened:

| Service | Ports (incoming) |
|---|---|
| SMB | 137-139 / tcp or 445 / tcp |
| Cerhost (Windows CE) | 987 / tcp |
| FTP | 21 / tcp |

TwinCAT services

The table below provides an overview of the ports typically used with TwinCAT products:

| Service | Port (default setting) | See also |
|---|---|---|
| TF1810 TwinCAT PLC HMI Web | 80 / tcp (incoming) | Documentation on TF1810 |
| TF2000 TwinCAT HMI | 1010 / tcp (local); 1020 / tcp (incoming) | Documentation on TF2000 |
| TF6100 OPC UA | 4840 / tcp (UA Server, incoming), changeable; 48050 / tcp (UA Gateway, incoming), changeable | Documentation on TF6100 |
| TF6100 OPC DA | Dynamic (depending on DCOM) between 1024 and 65535 (incoming) | Documentation on TF6120 |
| TF6250 Modbus TCP | 502 / tcp (incoming), can be changed | Documentation on TF6250 |
| TF6310 TCP-IP | can be changed / tcp (incoming, outgoing) | Documentation on TF6310 |
| TF6311 TCP/UDP Realtime | can be changed / tcp (incoming, outgoing). The communication cannot be influenced by an operating system firewall. | Documentation on TF6311 |
| TF6300 FTP | 20 / tcp (outgoing); 21 / tcp (outgoing) | Documentation on TF6300 |
| TF6420 Database Server | changeable depending on the database / tcp (outgoing) | Documentation on TF6420 |
| TF67xx IoT, TF35xx Analytics | changeable depending on the broker / tcp (outgoing) | Documentation on TF670x and TF35xx |
| TwinCAT EAP | 34980 / udp (incoming), if EAP is used via UDP. The communication cannot be influenced by an operating system firewall. | Documentation on EAP |
| TwinCAT ADS-over-MQTT | changeable depending on the broker / tcp (outgoing) | Documentation on ADS-over-MQTT |
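
One way to check a device's listeners against the default ports listed on this page, as an added example that is not part of the original documentation. It parses saved Windows `netstat -an` output; the function names, finding labels and sample lines are assumptions made for this example.

```python
# Added example: audit Windows `netstat -an` listeners against this page's default ports.
# Finding labels and function names are assumptions made for this example.
BASELINE = {  # fixed default listening ports taken from the three tables
    "tcp": {4852, 443, 3389, 48898, 8016,       # standard services
            137, 138, 139, 445, 987, 21,        # further services
            80, 1010, 1020, 4840, 48050, 502},  # TwinCAT services (defaults, some changeable)
    "udp": {48899, 34980},                      # ADS discovery, EAP via UDP
}
UNSECURED_ADS = ("tcp", 48898)  # listed on the page as "Not secured"
LOCAL_ONLY = ("tcp", 1010)      # listed on the page as "(local)"

def listeners(text):
    """Yield (proto, host, port) for each listening socket in the netstat text."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] not in ("TCP", "UDP"):
            continue  # header or unrelated line
        if f[0] == "TCP" and f[-1] != "LISTENING":
            continue  # established connections are not listeners
        host, _, port = f[1].rpartition(":")
        if port.isdigit():
            yield f[0].lower(), host, int(port)

def audit(text):
    """Return sorted (finding, proto, port) tuples for listeners that need review."""
    findings = set()
    for proto, host, port in listeners(text):
        if host.startswith("127.") or host == "[::1]":
            continue  # loopback: reachable only from the device itself
        if port not in BASELINE[proto]:
            findings.add(("not-on-page", proto, port))
        elif (proto, port) == UNSECURED_ADS:
            findings.add(("unsecured-ads-exposed", proto, port))
        elif (proto, port) == LOCAL_ONLY:
            findings.add(("local-port-exposed", proto, port))
    return sorted(findings)

# Constructed netstat excerpt, not captured from a real device.
SAMPLE = """\
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1010           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:48898          0.0.0.0:0              LISTENING
  TCP    [::]:8080              [::]:0                 LISTENING
  TCP    192.168.1.10:48898     192.168.1.20:51234     ESTABLISHED
  UDP    0.0.0.0:48899          *:*
"""
print(audit(SAMPLE))
```

Ports that have been changed from their defaults, and the dynamic OPC DA range, have to be added to `BASELINE` before the "not-on-page" findings are meaningful.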