What ports are used by the management gateway?

Version 7

    Description

    The Management Gateway must have communication to the following locations:

     

    1. Device on the public internet.
      1. Agents connect from the internet.
      2. Gateway connects to the LANDesk Activation servers.
      3. Gateway connect to the LANDesk update servers.
    2. The Core Server connects to the Management Gateway with a Secure Connection on port 443.
    3. Management connections, usually from the IT Adminsitrators' workstation to the Management Gateway.
    4. The Management Gateway can send out administrative emails.

     

    Port 443 is the only required port for full functionality

     

     

    Gateway to/from the Internet


    HTTP (TCP Port 80)

    • Incoming - Workstations on the internet connect to download tools such as the Remote Control Viewer and the On-demand Remote Control Agent. (this is optional and can also be done over 443)
    • Outgoing - Management Gateway updates and activation. (This can be narrowed down to just connect to license.landesk.com and patch.landesk.com on 80 via external firewall rule)

     

    HTTPS (TCP Port 443)

    • Incoming - Agent workstations connect from anywhere on the internet.
    • Outgoing - Management Gateway updates and activation. (This can be narrowed down to just connect to license.landesk.com and patch.landesk.com on 443 via external firewall rule)

     

    DNS (TCP and UDP Port 53)

    Note: This is not required for functionality as host entries can be made manually as well

    • Outgoing - DNS should only be required for resolving the activation server for online activation and for resolving the update servers for downloading and applying updates.
    • This may also be used to resolve the Core Server name.

     

    DNS (UDP Port 53)

    Note: This is not required for functionality as host entries can be made manually as well

    • Outgoing - DNS should only be required for resolving the activation server for online activation and for resolving the update servers for downloading and applying updates.

     

    Note: The hosts file can be configured with addresses for the Core Server, Activation Servers, and Update Servers.  See this article for more information: The Management Gateway Appliance Now Allows for Adding Host Entries to /etc/hosts through the Web Interface

    Core Server to/from the Gateway

    HTTPS (TCP Port 443)

    • Incoming - The Core Server establishes secure connections to the Management Gateway.

    Management connections

    SSH (TCP Port 22)

    • Incoming - SSH is only required for allowing remote administration and/or troubleshooting. This is not required for functionality

     

    HTTP (TCP Port 80)

    • Incoming - For access to the web interface allowing remote administration. (this is optional and can also be done over 443)
    • Incoming - Other local workstations may connect to download tools such as the Remote Control Viewer and the On-demand Remote Control Agent. (this is optional and can also be done over 443)

    Gateway to a Desired Mail Server

    SMTP (TCP Port 25)

    Note: This is not required for functionality

    • Outgoing - SMTP is only required for sending administrative emails to the email address configured to receive such alerts.