You are viewing a printer friendly version of this ESET Knowledgebase article.

ESET Knowledgebase

ESET Knowledgebase

Which ports does ESET Remote Administrator use? (6.x)

Solution

The table below lists all possible network communication ports used when ESET Remote Administrator and its components are installed in your environment. Other communication occurs via the native operating system processes (for example, NetBIOS over TCP/IP).

Important!

  • The pre-defined ports 2222, 2223 can be changed if they are already in use by other applications.
     
  • All the ports listed below must not be used by other applications.
     
  • Make sure to configure firewall(s) within your environment to allow for communication via the ports listed below.

 

Client (ERA Agent) or Apache HTTP Proxy machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound
UDP 1237 Wake-Up Call for IPv4 Inbound
UDP 1238 Wake-Up Call for IPv6 Inbound
TCP 3128 Listen to Apache HTTP Proxy Inbound*
* at the Apache HTTP Proxy machine open the port 3128 inbound and outbound.

 

ERA Proxy machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound

 

ERA Web Console machine (if not the same as ERA Server machine)

Protocol Port Description Open connections
TCP 2223 Communication between ERA Web Console and ERA Server, used for Assisted installation Inbound and outbound
TCP 443 / 80 Tomcat broadcasting the Web Console. Inbound and outbound


ERA Server machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound
UDP 1237 Wake-Up Call for IPv4 Inbound
UDP 1238 Wake-Up Call for IPv6 Inbound
TCP 3128 Listen to Apache HTTP Proxy Inbound*
 

TCP

1433/3306 Connection to an external database (only if the database is on a another machine). Outbound
TCP 389 LDAP synchronization. Open this port also on your AD controller. Inbound and outbound

* at the Apache HTTP Proxy machine open the port 3128 inbound and outbound.

 

ERA MDC machine

Protocol Port Description Open connections
TCP 9977 Internal communication between Mobile Device Connector and ERA Agent -
TCP 9978 Internal communication between Mobile Device Connector and ERA Agent -
TCP 9980 Mobile device enrollment Inbound
TCP 9981 Mobile device communication Inbound
TCP 2195

Sending notifications to Apple Push Notification services

(gateway.push.apple.com)

Outbound
TCP 2196

Apple Feedback service

(feedback.push.apple.com)

Outbound
TCP 443
  • Connection to the ESET licensing portal. (edf.eset.com)
  • DEP (mdmenrollment.apple.com)
  • Google push notifications (android.googleapis.com)
Outbound
TCP 2222 Communication (replication) between ERA Agent, MDC and ERA Server Outbound
TCP 1433 / 3306 Connection to an external database (only if the database is on a another machine). Outbound

 

MDM managed device

A mobile device managed by ERA needs access to these ports. You can allow them in your company Wi-Fi, if you connect there your mobile devices.
Protocol Port Description Open connections
TCP 9980 Mobile device enrollment Outbound
TCP 9981 Mobile device communication Outbound
TCP 5223 External communication with Apple Push Notification services (iOS) Outbound
TCP 443
  • Fallback on Wi-Fi only, when devices can't reach APNs on port 5223.(iOS)
  • Android Device connection to GCM server.
  • Connection to the ESET licensing portal.
  • LiveGrid (Android) (Inbound: https://i1.c.eset.com ;Outbound:  https://i3.c.eset.com )
  • Anonymous statistical information to ESET`s Threat Lab (Android) (https://ts.eset.com)
  • Apps categorization installed on the device. Used for AppGuard when blocking of some app categories was defined. (Android) (https://play.eset.com)
  • To send a support request using the Support Request function. (Android) (https://suppreq.eset.eu)

Outbound

Inbound and outbound (LiveGrid and Threat Lab)

TCP 5228, 5229, 5230 Sending notifications to Google Cloud Messaging (Android) Outbound
TCP 80
  • Modules update (Android) (http://update.eset.com)
  • Used only in the Web version. Info about latest app version update and download of a new version. (Android) (http://go.eset.eu)
Inbound

ERA Agent - used for remote deployment of ERA Agent to a target computer with Windows OS:

Protocol Port Description Open connections
TCP 139 Using the share ADMIN$ Inbound and outbound

TCP

445 Direct access to shared resources using TCP/IP during remote installation (an alternative to TCP 139) Inbound and outbound
 
UDP 137 Name resolution during remote install Inbound and outbound
UDP 138 Browse during remote install Inbound and outbound