If your servers are behind firewall, the following common ports need remain open.
IMail 8383
HTTP 80
PCAnywhere 5632
PCAnywhere Data 5631
Remote Desktop Protocol (Terminal Service) 3389
SQL Server 1433
SQL Monitor 1434
SSL 443
NetBios (can be disabled if SQL is shifted to TCP/IP and shares removed) 139
IMAP 143
POP 110
DNS 53
SMTP 25
FTP 21
RPC 593
LinkPoint Port (Required open for LinkPoint merchants only) 1139
Firewall Settings When Using Hosting Controller Secondary Setup for Windows
If you are using Hosting Controller remote setup which uses DCOM for communication between primary and secondary machine, then you need to open port 135 which is used by DCOM. The firewall between your server and the Internet should be configured as follows:
Deny all incoming traffic from the Internet to your server. Permit incoming traffic from all clients to TCP port 135 (and UDP port 135, if necessary) on your server. Permit incoming traffic from all clients to the TCP ports (and UDP ports, if necessary) on your server in the Ports range 100-5000. If you are using callbacks, permit incoming traffic on all ports (range is 100-5000) where the TCP connection was initiated by your server.
Firewall Settings When Using Hosting Controller Remote Setup for Linux
If Hosting Controller Secondary Setup for Linux is used and if the secondary server is running on the other side of the firewall, then you need to open port 33333.