Which ports do Omada Controller and EAP Discovery Utility use?
Programs use specific ports to send or receive data via a network. An Omada software controller or EAP Discovery Utility uses the ports on the host, while an Omada hardware controller uses the ports on its own hardware.
Ports fall into two groups: TCP (Transmission Control Protocol) ports and UDP (User Datagram Protocol) ports. Port numbers are limited, ranging from 1 to 65535 among each group. Such fact gives rise to a port collision when a program tries to use a certain port on a host, only to find the very port is occupied by another program.
From this article, you can learn which ports an Omada controller and an EAP Discovery Utility use, and how to troubleshoot a port-related problem when it happens.
An overview of the default ports
The ports which Omada Controller and EAP Discovery Utility use by default are listed in the following table.
Ports |
Omada Hardware Controller |
Omada Software Controller |
Omada Discovery Utility |
When the port is required |
Web Management and Portal |
||||
TCP 80 |
✔ |
|
|
1. Your browser opens the Omada controller’s management page via an “http” connection. (For Omada Hardware Controller) 2. Users are authenticated via an HTTP portal. (For Omada Hardware Controller v3.x and before version) |
TCP 443 |
✔ |
|
|
1. Your browser opens the Omada controller’s management page via an “https” connection. (For Omada Hardware Controller) 2. Users are authenticated via an HTTPs portal. (For Omada Hardware Controller v3.x and before version) |
TCP 8088 |
✔ |
✔ |
|
1. Your browser opens the Omada controller’s management page via an “http” connection. (For Omada Software Controller) 2. Users are authenticated via an HTTP portal. (For Omada Controller v4.x and later version) |
TCP 8043 |
|
✔ |
|
1. Your browser opens the Omada controller’s management page via an “https” connection. (For Omada Software Controller) 2. Users are authenticated via an HTTPs portal. (For Omada Software Controller v3.x and before version) |
TCP 8843 |
✔ |
✔ |
Users are authenticated via an HTTPs portal. (For Omada Controller v4.x and later version) |
|
EAP Discovery, Adoption, Management, and Upgrade |
||||
UDP 29810 |
✔ |
✔ |
✔ |
Discover Omada devices (Applied to all versions of Omada Controller and Omada Discovery Utility.) |
TCP 29811&29812 |
✔ |
✔ |
✔ |
Adopt & Manage Omada devices. (Applied to Omada Controller v4.x and before version, Omada Discovery Utility v4 and before version.) |
TCP 29814 |
✔ |
✔ |
✔ |
Adopt & Manage Omada devices. (Applied to Omada Controller v5.x and later version, Omada Discovery Utility v5 and later version.) |
TCP 29815 |
✔ |
✔ |
Starting from v5.9, Omada Controller receives Device Info, Packet Capture Files, and DPI Application Statistic Data from the Omada devices. |
|
TCP 29816 |
✔ |
✔ |
Starting from v5.9, Omada Controller establishes the remote control terminal session with the Omada devices. |
|
TCP 29813 |
✔ |
✔ |
|
Upgrade Omada devices. (Applied to Omada Controller v4.x and before version.) |
TCP 443 |
✔ |
Upgrade Omada devices. (Applied to Omada Hardware Controller v5.x and later version.) |
||
TCP 8043 |
✔ |
Upgrade Omada devices. (Applied to Omada Software Controller v5.x and later version.) |
||
Initialization Check |
||||
UDP 27001 |
|
✔ |
|
1. Check whether another controller is running in the LAN during initialization. (For Omada Software Controller v3.x) 2. In Omada Controller v4.x and later version, this port is mainly used for discovering the Omada Controller in the LAN by Omada App. |
TCP 27002 |
|
✔ |
|
Gather information about another controller in the LAN. (Only for Omada Software Controller v3.2.4 and before version. This port has been discarded in the later version) |
Database Access |
||||
TCP 27017/27217* |
|
✔ |
|
The Omada Software Controller accesses the built-in database. |
Note:
TCP 27217 is used to access the built-in database for Controller Software V3.0.0 or later version. Before Controller Software V3.0.0, TCP 27017 is used instead.
Examples of Omada Controller using ports
In this section, we take two examples to explain how Omada Controller uses ports.
When an Omada controller initializes, it should confirm that no other controller is running in the LAN. Otherwise, it stops initializing and launches the web page of the running controller instead. A conversation takes place as shown in the following figure and table.
Step 1 |
The initializing controller sends a self-introductory message to UDP port 27001 of every host in the LAN. A running controller, if any, listens on the port and receives the message. |
Step 2 |
The running controller sends information about itself to TCP port 27002 of the initializing controller. |
- When the Omada controller discovers an Omada device
When an Omada device is powered on, the Omada controller in the LAN can discover it.
A conversation takes place as shown in the following figure and table. Here takes Omada EAP for example.
Step 1 |
The EAP doesn’t know exactly where the controller is, so it sends a self-introductory message to UDP port 29810 of every host in the LAN. |
Step 2 |
The Omada controller listens on the port, receives the message and replies to the EAP via the same port. |
How to change the port used by Omada Software Controller.
Please check this FAQ for details.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
What should I do if it prompts that another Omada controller is running in the LAN (Only for Controller Software V3)
- Issue
As mentioned above, UDP port 27001 is used to check whether the Omada controller is the only controller in the LAN.
If another controller is running, TCP port 27002 is used to gather information about that controller and the following warning occurs:
An Omada Controller has been running on the PC xx.xx.xx.xx in the LAN. Please close this window and log into the running Omada Controller.
Note: xx.xx.xx.xx should be the IP address of the running controller.
- Solution
This is not a major problem. Typically, you only need one controller in a LAN. Since another controller is running in the LAN, this controller stops initializing and launches the web page of the running controller instead. Anyway, if you want to run this controller, close or disconnect the running controller, and then rerun this one.
What should I do if it prompts that the port is occupied by another program
- Issue
Let’s take Omada software controller for example. When you launch a software controller, it performs a scan of the required ports on the host (the software controller only cares about the port number regardless of its TCP/UDP type). If any of the required ports are occupied by another running program, initialization fails and one of the following error occurs:
1. Port X is already in use. Release the port and try again.
2. Port X is already in use. Release the port and try again. You can check if EAP Discovery Utility is working on your runtime environment. Omada Controller cannot work with EAP Discovery Utility on the same host.
Note: Port X should be the port in collision. Any programs using the port can cause the error while EAP Discovery Utility is the most common case.
- Solution
Take the following steps to troubleshoot the problem:
Note: As an example, here we run the Omada software controller V3.2.4 on Windows 10. Details might vary on other Operating Systems or software versions of Omada Controller.
Step 1: Check whether another software controller or an EAP Discovery Utility is running.
Close the EAP Discovery Utility or the other software controller if it is running. Then rerun this one.
Step 2: Search for the program that occupies the ports.
1) Press “ +R “ on your keyboard. Input “cmd” and click OK. The command window pops up.
2) Enter the following command to check which program occupies the ports:
netstat -ano | findstr "8043 8088 27001 27002 27217 29810 29811 29812 29813"
In this case, one program occupies TCP 27217, and another UDP 29810.
The last column shows their PIDs (Process ID, the unique identification for any process of a running program), that is 9024 and 3464.
3) Enter the following command to search for their names:
tasklist | findstr “9024 3464”
Note: Replace the number 9024 and 3464 with the PIDs in your case.
In this case, program A and program B are occupying the ports. If you decide to close or shut down those programs, go to Step 3-a.
If you must run those programs, you can alter certain ports (except port 29810, 29811 or 29812) of the software controller, refer to Step 3-b.
Step 3-a: Close or shut down those programs that occupy the ports.
1) Now that you know the name of the programs, you can simply find their windows and close them. Yet some programs run in the background and don’t show a window. Anyway, you can close them forcibly if necessary by entering the following command. Use it with extreme care, because a misuse can lead to system breakdown or data loss.
taskkill /f /t /pid “9024” /pid “3464”
Note: Replace the number 9024 and 3464 with the PIDs in your case.
2) Again check whether those ports are occupied. As the following figure shows, no results are returned this time, which indicates that the ports are not occupied any longer. Now rerun the software controller. If this doesn’t work, contact TP-Link technical support.
Step 3-b: Change certain ports (except port 29810, 29811 or 29812) of the software controller.
You can change the ports used by the software controller in its configuration files.
Follow the instructions below to change certain ports (except port 29810, 29811 or 29812) to available ports that won’t cause collisions.
1) Search the path where you install the software controller.
Enter its properties subfolder, find the configuration files and items where the required ports are set according to the following table.
File |
Port Setting |
mongodb.properties |
eap.mongod.port=27217* |
jetty.properties |
http.connector.port=8088* https.connector.port=8043* |
netty.properties |
controller.discovery.port=27001* controller.search.port=27002 eap.discovery.port=29810* eap.manage.port=29811* eap.adopt.port=29812* eap.upgrade.port=29813 |
Note:
1. TCP 27217 is used to access the built-in database for Controller Software V3.0.0 or above. Before Controller Software V3.0.0, TCP 27017 was used instead.
2. If you change http.connector.port 8088 or https.connector.port 8043, the port used in portal authentication process also changes accordingly.
3. For Omada Software Controller V3.2.4 and earlier, If you want to use multiple Omada Controllers in a LAN, try changing the controller.discovery.port 27001.
4. Port 29810, 29811 and 29812 are required for EAP discovery, adoption and management. As EAPs are supposed to work with these ports, don’t change them.
2) Open the file using a text editor. Change the port to another available port number (should fall between 1024 and 49151) that won’t cause port collisions.
For example, you can change eap.mongod.port from 27217 to 27218. If you are not sure whether the new port causes a collision.
Check it using the following command.
netstat -ano | findstr "27218”
Note: Replace the number 27218 with the port number that you want to set.
As the following figure shows, no results are returned, which indicates that the new port is not occupied.
Now save the configuration files and rerun the software controller. If this doesn’t work, contact TP-Link technical support.