Which ports does ESET Remote Administrator use? (5.x)

Solution

End of support for version 5.2 and 5.3 of ESET Remote Administrator

This article applies to version 5.x of Remote Administrator. ESET Remote Administrator version 5.3 is currently in limited support status and will soon be in Basic support status.

ESET Remote Administrator version 5.2 is currently in Basic support status and will soon reach End of Life status. End of life status for both of these versions is expected to occur in December 2019. After this date, the products will no longer receive detection updates to protect against malware.

ESET Remote Administrator (ERA) requires certain ports to be open in order to function properly. The table below lists the possible network communications used when ESET Remote Administrator Server (ERAS) is installed. The process EHttpSrv.exe listens on TCP port 2221 and the process era.exe listens on TCP ports 2222, 2223, 2224 and 2846. Other communications occur using native operating system processes (for example, "NetBIOS over TCP/IP").

For more information regarding ports used by ERA, consult section 2.1.3 (page 12) of the ESET Remote Administrator Manual.

Protocol Port Description
TCP 2221 (ERAS listening) Default port used by the Mirror feature integrated in ERAS (HTTP version)
TCP 2222 (ERAS listening) Communication between clients and ERAS
TCP 2223 (ERAS listening) Communication between ESET Remote Administrator Console (ERAC) and ERAS

 If you are using all features of the program, the following network ports need to be open:

Protocol Port Description
TCP 2224 (ERAS listening) Communication between the agent einstaller.exe and ERAS during remote install
TCP 2225 (ERAS listening) Communication between the ESET Dashboard HTTP Server and ERAS
TCP 2846 (ERAS listening) ERAS replication
TCP 139 (target port from the point of view of ERAS) Copying of the agent einstaller.exe from ERAS to a client using the share admin$
UDP 137 (target port from the point of view of ERAS) "Name resolving" during remote install
UDP 138 (target port from the point of view of ERAS) "Browsing" during remote install
TCP 445 (target port from the point of view of ERAS) Direct access to shared resources using TCP/IP during remote install (an alternative to TCP 139)

Firewall settings

All ports listed in the table above must be open in order for all components of ERA to properly function.

 

Additional resources