cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Advocate IV
Advocate IV

Enterprise Gateway: Opening ports 5671-5672 and 9350-9354 essential?

Hello,

In order to let Enterprise Gateway communicate with the Power BI service, I understand that one needs to allow outbound traffic on certain ports.

While opening the firewall for HTTPS traffic is no problem, my customer doesn't like the prospect of opening the ports 5671-5672 and 9350-9354 for a protocol which can't be checked like they do with HTTPS. This seems due to the fact that Service Bus is binary, while HTTPS is XML (I hope that is true?) I know that for e.g. Data Management Gateway opening ports for service bus is optional (LINK)

 

My Questions:

- Did i get the information about the properties of the two kinds of protocol correctly?

- Is opening ports 5671-5672 and 9350-9354 for Power BI essential? Or is that only needed for certain features? If yes, which features?

 

Thanks a lot for any hint!

2 ACCEPTED SOLUTIONS
Continued Contributor
Continued Contributor

@Sokon

 

According to the Power BI Security Whitepaper, those ports you mentioned are the preferred ports. They will fall back to port 443, if communications on those other ports don't work. Maybe someone on the Power BI team can confirm this.

 

Maybe @dimazaid?

View solution in original post

4 REPLIES 4
Continued Contributor
Continued Contributor

@Sokon

 

According to the Power BI Security Whitepaper, those ports you mentioned are the preferred ports. They will fall back to port 443, if communications on those other ports don't work. Maybe someone on the Power BI team can confirm this.

 

Maybe @dimazaid?

View solution in original post

@dimazaid @wonga

 

Thanks a lot for your help! I'm still working on getting our people to verify your suggestions. Going to report any results as soon as there are any... Smiley Happy

Regular Visitor

The Power BI security whitepaper indicates that if https is used for communication then you only need to open port 443 only. Correct?

 

This part is from the Power BI security whitepaper:

 

  • The gateway supports the following two communications protocols:

    • AMQP 1.0 – TCP + TLS: This protocol requires ports 443, 5671-5672, and 9350-9354 to be open for outgoing communication. This protocol is preferred, since it has lower communication overhead.

    • HTTPS – WebSockets over HTTPS + TLS: This protocol uses port 443 only. The WebSocket is initiated by a single HTTP CONNECT message. Once the channel is established, the communication is essentially TCP+TLS. You can force the gateway to use this protocol by modifying a setting described in the on-premises gateway article.

Helpful resources

Announcements
secondImage

Happy New Year from Power BI

This is a must watch for a message from Power BI!

December Update

Check it Out!

Click here to read more about the December 2020 Updates!

Community Blog

Check it Out!

Click here to read the latest blog and learn more about contributing to the Power BI blog!

Get Ready for Power BI Dev Camp

Get Ready for Power BI Dev Camp

Mark your calendars and join us for our next Power BI Dev Camp!.

Top Solution Authors