KB_42: FAQ: What IP addresses does the MicroAgent need open for outbound communication?
Question: Does the MicroAgent work with a proxy server? What IP addresses does the MicroAgent need open?
Answer: Our service works with most proxy servers and firewalls. The current exceptions are SOCKS proxy and authenticated ISA proxy. The following list identifies the required IPs and Ports for our service to work.
Main Exception Rule:
IP Range for TriActive MA, Help Desk, Remote, CSC, Manager:
Network Address:
PROD 66.45.78.64 /26 (range covers x.x.x.64-128)
Network Mask: 255.255.255.192
ROOT NOC: 4.78.11.160/255.255.255.240
Open ports 80 and 443 (HTTP/HTTPS) and
Open TCP ports 463, 90, 9090; these are the ports the MicroAgent listens on.
For Patch Management Customers: URL exception (allow) to Microsoft *.windowsupdate.com
If you want to exclusively define each IP and port combination, although it is not recommended to attempt to be this granular, listed below is a comprehensive list for all traffic for each component or solution (but as we add new servers, you will have to go back and add the new IP addresses):
IP and ports:
|
Description |
Transport Protocol |
Host Name/ IP Address |
Port |
|
MicroAgent Data Collection |
TCP/IP HTTPS (SSL) |
66.45.78.93 |
443 |
|
MicroAgent Registration |
TCP/IP HTTP(S) |
66.45.78.81 (and .80 backup)
66.45.78.103
|
443/80 |
|
File Server (same as MA Reg) |
TCP/IP HTTP(S) |
66.45.78.81 (and .80 backup) |
443/80 |
|
Real-time Management Server |
TCP/IP HTTPS (SSL) |
66.45.78.89 |
443 |
|
Systems Manager |
HTTPS |
manager.systemsmanagementondemand.com |
443 |
|
Customer Service Center |
HTTPS |
go.systemsmanagementondemand.com |
443 |
|
Network Monitor UI |
HTTPS |
netmon.systemsmanagementondemand.com |
443 |
|
Web-based Remote Control |
VNC |
66.45.78.113 |
443/80 |
|
Web-based Remote Control |
VNC |
66.45.78.118 |
443/80 |
|
Microsoft Bulletins download |
TCP/IP HTTP |
*.windowsupdate.com |
80 |
|
Monitor Collector/Poller Agents |
TCP/IP HTTPS (SSL) |
66.45.78.81
66.45.78.104
|
443 |
Software Dist (Overflow) 66.45.78.119
REMOTE COTROL (LAN BASED): 5901 and 963 if using the java UI.
NOTE: In the Future, we will be adding 66.45.78.108 to split out SD traffic.
SEE ALSO KB 41
NOTE: inbound email notifications for help desk users come from these two IP addresses:
66.45.78.78
66.45.78.82
66.45.78.113
|
