QUESTION:
What communication ports are used by the CCH Central Suite?
ANSWER:
- The CCH Central suite is a VB.NET/C# based Microsoft .NET Framework 4.8 client with a SQL Server backend.
- The presentation and business logic is held within the client.
- The SQL Server database also encapsulates business logic within stored procedures, functions and CLR objects.
- There is a service broker object running (it handles audit trail, reporting workloads, etc.) and this is for internal database-bound messaging only.
- There are a number of Windows WCF services that support suite operations.
The following table contains a list of all communication ports used by the CCH Central suite.
| Host | Target | Direction | Type | Port | Notes |
| Client (.NET 4.0) | Server (SQL) | Inbound | TCP | 1433 | Port can be configured in app connection file |
| Server (SQL) | Client (.NET 4.0) | Outbound | TCP | Any | You can lock this down but this is just the return communications to the client |
| Client (.NET 4.0) | Support Portal | Outbound | TCP | 80 | HTTP communications to Support Portal web portal |
| | Server (SQL) | Inbound | UDP | 1434 | If using browser and no port defined in app connection file. Also depends on default or named SQL instance |
| WCF Service (DM) | SQL Server | Both | TCP | 20555,
20600,
20601, | Can be configured in app settings |
| WCF Service (Workflow) | SQL Server | Both | TCP | 20600,
20601, | Can be configured in app settings |
| WCF Service (OCR) | SQL Server | Inbound | TCP | 1433 | Port can be configured in app connection file |
| WCF Service (Portal) | SQL Server | Inbound | TCP | 1433 | Port can be configured in app connection file |
| Client (.NET 4.0) | WCF Service (Portal) | Inbound | TCP | 50110 | |
| WCF Service (Portal) | Azure | Outbound | TCP | 9354 | Due to be deprecated 2017 |
| WCF Service (Portal) | Azure | Outbound | TCP | 443 |
SSL communications to online API
(URIs used are:
- prod-sb-pp-servicebus.windows.net
- prodsyncworker.blob.core.windows.net
- api.service.hmrc.gov.uk
- *.accountantspace.co.uk
)
|
| WCF Service (Practice Portal) |
Azure
| Outbound | TCP | 5671, 9350, 9351, 9352 | Client area and Practice Portal Mobile app |
| Twinfield | Web | Both | TCP | 80, 443 | 107.154.76.47 (http://accounting.twinfield.com or https://accounting.twinfield.com) |
| iXBRL R&T | Web | Both | TCP | 80,443 | https://xmlgw.companieshouse.gov.uk/v1-0/xmlgw/Gateway |
| ABBYY SDK 10 Licensing Service (OCR) | Web | Both | TCP | 443 | *.abbyy.com |
----------------------------------------------------------------------------------------------------------------------
Notes:
1: During installation we define a set of inbound rules on the computer. We do not define outbound rules but if your firewall is locked down in both directions then you'll need to configure this side also.
If using a named instance then you can avoid the use of UDP 1434 port rules if you define the communications port in the app connection files.
----------------------------------------------------------------------------------------------------------------------
2: The WCF services (the number required depends on modules purchased/licensed) would typically be located on the database server. However, a dedicated application server can be provisioned to host the WCF services if these services cannot be located on the database server due to an in-house security policy.
The OCR service would typically reside on a dedicated scanning machine.
----------------------------------------------------------------------------------------------------------------------
3: Compliance modules communicate with the HMRC Gateway via the HTTPS://transaction-engine.tax.service.gov.uk/submission URL. Communication is via TCP/IP over the standard HTTPS port 443.
----------------------------------------------------------------------------------------------------------------------
4: If you are using a proxy server then you will need to amend the Central configuration file to include the proxy server configuration details.
----------------------------------------------------------------------------------------------------------------------
5: Twinfield Integration communicates via ports 443 and 80 to IP Address 107.154.76.47 (http://accounting.twinfield.com or https://accounting.twinfield.com)
----------------------------------------------------------------------------------------------------------------------
6: Communication with Companies House for submissions via iXBRL Review & Tag is performed over HTTP/HTTPS on port 80/443 (https://xmlgw.companieshouse.gov.uk/v1-0/xmlgw/Gateway)
----------------------------------------------------------------------------------------------------------------------
