This document will try to address the following questions:
- What ports do Ivanti Endpoint Manager ( EPM ) and LANDESK Management Suite ( LDMS ) use ?
- What ports need to be opened in my firewall ?
- What port(s) does component X use ?
- Does Ivanti / LANDESK have a ports list ?
- What TCP and UDP ports must be open on a firewall on a Linux machine for the Agent for Linux to work ?
- Do I need to open my firewall to let ICMP ECHO / ECHO REPLY packets pass ?
- Where can I find a network port diagram ?
Quite a few functionalities of LANDESK rely on ping (ICMP ECHO) to probe if the device or server is reachable. Disabling ICMP ECHO within the network might result in losing Ivanti / LANDESK functions, such as bandwidth awareness or usage of preferred server. The network port information has been divided into the following sections.
- Core Server
- Agent - Linux
- Agent - Mac
- Agent - Windows
- Management Gateway
- Mobile Device Manager Server
- PXE Representative
- Remote Console
Additionally a graphical representation of the data is attached to this article.
Note: It is recommended that all ports for a specific component be opened for backwards compatibility. Failing to open listed ports is not tested.
|TCP||443||Administration, Client, Core|
|UDP||67||Imaging (PXE Broadcast)|
|UDP||69||Imaging (PXE TFTP)|
|UDP||1758||Imaging (PXE MTFTP)|
|UDP||1759||Imaging (PXE MTFTP)|
|UDP||4011||Imaging (PXE Unicast)|
|TCP||1433||Rollup Core to SQL Servers|
|TCP||1433||SQL server to SQL server replication|
**Note that if you are using Preferred Servers and replicators in your environment, the same ports that are used from the client to the Core and from the Core to the Client are used. As the Preferred Server must be an agent, and as some of the Core's tasks are off-loaded to the Preferred Server, the other clients will talk to it across the same ports they talk to the Core Server on.