2 Replies Latest reply on Jun 2, 2015 9:04 AM by esmoore

    Port exceptions required for software distribution, inventory, and patch management

    esmoore Rookie

      At our libraries, we use Cisco Meraki devices to filter and manage Internet access for the patron computers. Currently, the Core Server and clients do not have direct communication with one another--the clients must be managed through the LDMG appliance. We are looking at what ports we must open in the Meraki to allow direct communications between the patron and staff LANs. Because of the work involved in adding the port exceptions, we are looking at enabling only the minimum set of ports required to support inventory scans, software distributions, and patch management and compliance. I reviewed the master list of all ports, and identified the following as the bare minimum we require. Could someone confirm I didn't miss anything?

       

      Also, the Meraki does not allow us to add an exception to allow ICMP pings. Will this affect any features of LANDesk, aside from the ability of the LDMS to detect a client's status and to use multicast with push-based deliveries?

       

      TCP 80:  Bidirectional

      TCP 135:  Core Server to Agent

      TCP 139/445:  Agent to Core Server

      TCP 443:  Agent to Core Server

      TCP 5007:  Agent to Core Server

      TCP 9535:  Bidirectional

      TCP 9593:  Core Server to Agent

      TCP 9594: Bidirectional

      TCP 9595: Bidirectional

      TCP 12174:  Core Server to Agent

      TCP 12175/12176: Agent to Core Server

      UDP/TCP 33354:  Bidirectional

      UDP 33355:  Core Server to Agent

      UDP 38293: Bidirectional

       

       

      Eric Moore

      IT Technician

      High Plains Library District