Port Mapping
Corellium appliances use a number of ports for different purposes. This guide provides an overview of the ports used by Corellium appliances depending on the type of installation.
Descriptions of Ports Used
The direction listed for each port is from the perspective of the Corellium appliance. To clarify, an inbound connection refers to an external system initiating a connection to the Corellium appliance, while an outbound connection refers to the Corellium appliance initiating a connection to an external system (such as your local workstation).
Whether a port needs to be manually configured in your networking setup depends on how you access the Corellium appliance. If all systems are on the same local network (same subnet), firewall or port changes are usually not required.
General Usage
The following table lists the ports used by Corellium.
| Port | Protocol | End Point | Direction | Description |
|---|---|---|---|---|
| 22 | TCP | Appliance & Virtual HW | Inbound | Used for SSH access to the Corellium appliance |
| 443 | TLS | Appliance & Virtual HW | Bidrectional | HTTPS traffic |
| 1234 | TCP | Virtual HW | Inbound | Not required (but often used for debugserver) |
| 1900 | TCP | Service IP | Inbound | CoreModel I/O interfaces |
| 2000 | TCP | Service IP | Inbound | Port for device console |
| 4000 - 4003 | TCP | Service IP | Inbound | GDB port |
| 5000 | TCP | Service IP | Inbound | USBFlux |
| 5001 | TCP | Service IP | Inbound | Port on the remote device that accepts ADB connections |
| 27820 | UDP | Service IP | Outbound | Turn server / coturn (WebRTC). Though initiated outbound, bidirectional UDP or TLS traffic is required. Alternatively, you can opt for TCP over TLS for WebRTC traffic. |
| 27821 | UDP | Service IP | Outbound | Backup coturn port. Requires bidirectional UDP or TLS traffic for WebRTC. |
Installations
When installing updates for server appliances, Corellium uses the following additional ports.
| Port | Protocol | Direction | Description |
|---|---|---|---|
| 8086 | TCP | Inbound | HTTPS port to access installer web interface after starting a Corellium update |
| 8088 | TCP | Inbound | HTTPS port to access the "Reconfigure Corellium" page on server appliances |
Ports Used by Installation Type
On-site deployments can be configured in a number of ways.
Combined Installations
A combined installation is a single machine that acts as both the controller and compute node.
Corellium uses the following ports: 22, 443, 1234, 1900, 2000, 4000, 4001, 4002, 4003, 5000, 5001, 8086, 8088, 27820, and 27821.
Cluster Installations
A cluster installation consists of one dedicated controller node and one or more additional compute nodes.
Corellium uses the following ports on the controller node: 22, 443, 444, 8086, 8088, 27820, and 27821.
Corellium uses the following ports on the compute nodes: 22, 1234, 1900, 2000, 4000, 4001, 4002, 4003, 5000, 5001, 27820, and 27821.
Hybrid Installations
A hybrid installation consists of one combined node (controller and compute) and one or more additional compute nodes.
Corellium uses the following ports on the combined node: 22, 443, 444, 1234, 1900, 2000, 4000, 4001, 4002, 4003, 5000, 5001, 8086, 8088, 27820, and 27821.
Corellium uses the following ports on the compute nodes: 22, 1234, 1900, 2000, 4000, 4001, 4002, 4003, 5000, 5001, 27820, and 27821.