Question(s):
This document will try to address the following questions:
- What ports does LANDesk Management Suite use?
- What ports need to be opened in my firewall?
- What port(s) does component X use?
- Does LANDesk have a ports list?
- What TCP and UDP Ports Must be Open on a Linux Agent's Firewall?
- Do I need to open my firewall to let ICMP ECHO/ECHO REPLY packages pass?
- Where can I find a network port diagram?
Answer:
ICMP
Quite a few functionalities of LANDesk rely on ping (ICMP ECHO) to probe if the device or server is reachable. Disabling ICMP ECHO within the network might result in loosing LANDesk functions, such as bandwidth awareness or usage of preferred server.
The network port information has been divided into the following sections.
- Core Server
- Agent - Linux
- Agent - Mac
- Agent - Windows
- Management Gateway
- Mobile Device Manager Server
- PXE Representative
- Remote Console
Additionally a graphical representation of the data is attached to this article.
Note: It is recommended that all ports for a specific component be opened for backwards compatibility. Failing to open listed ports is not tested.
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 25 |   | UDD |
| TCP | 80 |  | Activation, Client, Core Sync, Inventory, Patch Manager, Security Suite, Web Console |
| TCP | 139 | | Console, UNC |
| TCP | 389 | | LDAP |
| TCP | 443 | | Client, Console, Inventory, SLM, Software Distribution |
| TCP | 445 | | Console, UNC |
| TCP | 1433 | | Database (MS SQL Server) |
| TCP | 1521 | | Database (Oracle) |
| TCP | 5007 | | Inventory |
| TCP | 8092 | | Core, Console, AMT MPS Server |
| TCP | 9535 | | Remote Management |
| TCP | 9590 | | Console, SLM |
| TCP | 9591 | | Console, SLM |
| TCP | 9593 | | Software Distribution |
| TCP | 9594 | | Software Distribution |
| TCP | 9595 | | Agent Discovery |
| TCP | 9971 | | Agentless AMT Discovery |
| TCP | 9972 | | AMT Notification |
| TCP | 9982 | | AMT Discovery (VPro) |
| TCP | 12174 | | Remote Execute |
| TCP | 12175 | | Software Distribution (Policy) [version 8.7 & Older] |
| TCP | 12176 | | Software Distribution (Policy) [version 8.8 - Current] |
| TCP | 16992 | | HTTP AMT Management |
| TCP | 16993 | | HTTP AMT Management |
| TCP | 16994 | | AMT Hello Packets |
| TCP | 33354 | | Multicast |
| UDP | 9595 | | Agent Discovery |
| UDP | 33354 | | Multicast |
| UDP | 38293 | | Agent Discovery |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 25 | | UDD |
| TCP | 80 | | Patch Manager, Inventory |
| TCP | 443 | | Client, Core, Inventory |
| TCP | 5007 | | Inventory |
| TCP | 9535 | | Remote Management |
| TCP | 9593 | | Software Distribution |
| TCP | 9594 | | Software Distribution |
| TCP | 9595 | | Agent Discovery |
| TCP | 12174 | | Remote Execute |
| UDP | 67 | | Imaging (PXE Broadcast) |
| UDP | 68 | | Imaging (PXE) |
| UDP | 69 | | Imaging (PXE TFTP) |
| UDP | 1759 | | Imaging (PXE MTFTP) |
| UDP | 4011 | | Imaging (PXE Unicast) |
| UDP | 9595 | | Agent Discovery |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 25 | | UDD |
| TCP | 80 | | Patch Manager, Inventory, Software Distribution |
| TCP | 443 | | Client, Core, Inventory, Patch Manager, Software Distribution |
| TCP | 4343 | | HTML 5 Remote Control |
| TCP | 5007 | | Inventory |
| TCP | 9535 | | Remote Management |
| TCP | 9593 | | Software Distribution |
| TCP | 9594 | | Software Distribution |
| TCP | 9595 | | Agent Discovery |
| TCP | 12174 | | Remote Execute |
| TCP | 12175 | | Software Distribution (Policy) |
| TCP | 12176 | | Software Distribution (Policy) |
| TCP | 33354 | | Software Distribution (Peer Download, Multicast) |
| UDP | 9595 | | Agent Discovery |
| UDP | 33354 | | Software Distribution (Multicast) |
| UDP | 33355 | | Software Distribution (Multicast) |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 22 | | SSH Administration |
| TCP | 25 | | Email Notification |
| TCP | 80 | | Activation, Patching |
| TCP | 443 | | Administration, Client, Core |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 80 | | (Core Only) |
| TCP | 443 | | Enrollment |
| TCP | 2195 | | APNS (Apple) |
| TCP | 2196 | | APNS (Apple) |
| TCP | 5223 | | APNS (Apple) |
| TCP | 5228 | | C2DM (Google) |
Port # | Direction | Notes | |
|---|---|---|---|
| UDP | 67 | | Imaging (PXE Broadcast) |
| UDP | 68 | | Imaging (PXE) |
| UDP | 69 | | Imaging (PXE TFTP) |
| UDP | 1758 | | Imaging (PXE MTFTP) |
| UDP | 1759 | | Imaging (PXE MTFTP) |
| UDP | 4011 | | Imaging (PXE Unicast) |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 80 | | Console, Core, HTTP Management |
| TCP | 139 | | Console, Core |
| TCP | 443 | | Console, Client, Core, SLM |
| TCP | 445 | | Console, Core |
| TCP | 8092 | | Console, Core, AMT |
| TCP | 9590 | | Console, Core, SLM |
| TCP | 9591 | | Console, Core, SLM |
| TCP | 9595 | | Agent Discovery |
| UDP | 68 | | Imaging (PXE) |
| UDP | 69 | | Imaging (PXE TFTP) |
| UDP | 1758 | | Imaging (PXE MTFTP) |
| UDP | 1759 | | Imaging (PXE MTFTP) |
| UDP | 4011 | | Imaging (PXE Unicast) |
| UDP | 9595 | | Agent Discovery |
| TDP | 1433 | | Database (MS SQL Server) |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 25 | | UDD |
| TCP | 80 | | Patch Manager, Security Suite, Software Distribution, Inventory |
| TCP | 137 | | NetBIOS (non-domain clients) |
| TCP | 139 | | UNC |
| TCP | 443 | | Client, Core, Inventory, Software Distribution |
| TCP | 445 | | UNC |
| TCP | 4343 | | HTML5 Remote Control |
| TCP | 5007 | | Inventory |
| TCP | 9535 | | Remote Management |
| TCP | 9593 | | Software Distribution |
| TCP | 9594 | | Software Distribution |
| TCP | 9595 | | Agent Discovery |
| TCP | 9971 | | AMT Discovery |
| TCP | 9972 | | AMT Notification |
| TCP | 9982 | | AMT Discovery/VPro |
| TCP | 12174 | | Remote Execute |
| TCP | 12175 | | Software Distribution (Policy) [ver. 8.7 & Older] |
| TCP | 12176 | | Software Distribution (Policy) [ver. 8.8 - Current] |
| TCP | 16992 | | HTTP AMT Management |
| TCP | 16993 | | HTTPS AMT Management |
| TCP | 16994 | | AMT Hello Packet |
| TCP | 33354 | | Software Distribution (Peer Download, Multicast) |
| UDP | 67 | | Imaging (PXE Broadcast) |
| UDP | 68 | | Imaging (PXE) |
| UDP | 69 | | Imaging (PXE TFTP) |
| UDP | 1758 | | Imaging (PXE MTFTP) |
| UDP | 1759 | | Imaging (PXE MTFTP) |
| UDP | 4011 | | Imaging (PXE Unicast) |
| UDP | 9535 | | Device Discovery, XDD |
| UDP | 9595 | | Agent Discovery |
| UDP | 33354 | | Software Distribution (Multicast) |
| UDP | 33355 | | Software Distribution (Multicast) |
| UDP | 38293 | | Agent Discovery |
Port # | Direction | Notes | |
|---|---|---|---|
| TCP | 1433 | /images/GreenArrow.png | Rollup Core to SQL Servers |
| TCP | 1433 | | SQL server to SQL server replication |
**Note that if you are using Preferred Servers and replicators in your environment, the same ports that are used from the client to the Core and from the Core to the Client are used. As the Preferred Server must be an agent, and as some of the Core's tasks are off-loaded to the Preferred Server, the other clients will talk to it across the same ports they talk to the Core Server on.