Required Ports Reference

The following tables list UDP and TCP ports used by UniFi applications and services. This reference is especially useful for deployments using self-hosted UniFi Network Servers, third-party gateways, or restrictive firewalls.

In a full UniFi deployment with native gateways, these ports are opened automatically.

Protocol	Port	Direction	Usage
TCP/UDP	53	Both	DNS lookups for remote access, updates, and Guest Portal redirection (also required for UniFi Network)
UDP	123	Egress	NTP (time sync). Required for establishing secure connections
UDP	3478	Both	STUN for remote access (also required for UniFi Network)
TCP	443	Both	Remote Access service, application GUI/API access via web browser (also required for UniFi Network)
TCP	8883	Egress	Remote Access service
TCP	5349	Ingress	Remote access support

Protocol	Port	Direction	Usage
TCP/UDP	53	Both	DNS lookups for Guest Portal redirection and updates (also required for Remote Management)
UDP	3478	Both	STUN for device adoption and communication (also required for Remote Management)
TCP	5671	Ingress	Traffic Flow logging for UXGs adopted on L2 or L3 networks.
TCP	8080	Ingress	Device and application communication
TCP	8443	Ingress	Application GUI/API (on UniFi Console)
TCP	8880 – 8882	Ingress	Hotspot portal redirection (HTTP)
TCP	8843	Ingress	Hotspot portal redirection (HTTPS)
TCP	8444	Ingress	Secure Portal for Hotspot
TCP	6789	Ingress	UniFi mobile speed test
TCP	27117	Ingress	Local database communication
UDP	10001	Ingress	Device discovery during adoption
UDP	1900	Ingress	L2 discovery (“Make application discoverable on L2 network”)
UDP	5514	Ingress	Remote syslog capture
TCP/UDP	22	Both	SSH access (manual management, not used by default)
TCP	443	Both	Application GUI/API access via web browser (also required for Remote Management)

Protocol	Port	Direction	Usage
TCP	7441	Ingress	Outgoing RTSPS streams
TCP	7442	Both	WebSocket server for device communication
TCP	7443	Both	REST API (HTTPS)
TCP	7444	Both	WebSocket server for camera communication
TCP	7445	Ingress	Outgoing Protect streams
TCP	7447	Ingress	Outgoing RTSP streams
TCP	7550	Ingress	Camera streams
TCP	7552	Both	SSL camera connections
TCP	7888	Both	TCP Bridge

Stacked NVRs Only (MSR/MSP)

These ports are only required if using physically stacked NVRs. They should be added in addition to the ports above.

Protocol	Port	Direction	Usage
TCP	7446	Both	Protect streams between consoles
TCP	7451	Both	Protect streams between consoles
TCP	7600	Both	Protect application communications

Protocol	Port	Direction	Usage
UDP	2647	Ingress	Lutron Processor discovery (HomeWorks QSX, HomeWorks Wireless, RadioRA3)
UDP	5353	Ingress	Lutron Processor discovery (HomeWorks QS, RadioRA2)
TCP	18080	Ingress	Application GUI/API (on UniFi Console)
TCP	18443	Both	WebSocket server for device communication (HTTPS)
TCP	18884	Both	MQTT server for device communication
TCP	18888	Both	Internal Lutron proxy (between Lutron Processor and UniFi Connect)

Protocol	Port	Direction	Usage
TCP	12812	Both	MQTT server for device communication
TCP	12442	Both	WebSocket server (UCP4) for device communication
TCP	12443	Both	HTTPS server for device communication
TCP	12445	Both	Open API
TCP	12478	Both	WebRTC TURN server for device communication

Changing Default Ports on Network Server

Changing default port assignments is only supported on self-hosted UniFi Network Servers (Windows/macOS/Linux):

Close any running UniFi Network application.
Modify the system.properties file found in <unifi_base>/data/system.properties.
- Example: To change the shutdown port from 8081 to 8089, set unifi.shutdown.port=8089.
Restart the UniFi Network application.

Ensure no extra spaces, comments, or characters (e.g., #) appear on the modified line, or the change will be ignored.

Was this article helpful?

Social

Company

Training

Tools

Required Ports Reference

Remote Management

UniFi Network

UniFi Protect

Stacked NVRs Only (MSR/MSP)

UniFi Connect

UniFi Access

Changing Default Ports on Network Server

Was this article helpful?