All ports used by the baramundi Management Suite can be freely defined. The list shows the default assignment of the ports used.
Clients
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
AnyDesk-d01121d5.exe |
TCP 443/80/6568 |
ougoing |
Connection to the relay Relay server for establishing connection and transferring the session (only one of the ports is needed) |
*.net.anydesk.com |
|
AnyDesk-d01121d5.exe |
TCP 7070 |
ingoing |
Optional direct communication port if not communicating via Anydesk Relay Server |
bMC integrated Anydesk Client |
|
bma.exe |
10080 TCP |
outgoing |
(Kiosk, WinPE contact and job list) |
bServer |
|
bma.exe |
10083 TCP |
outgoing |
(bBT) |
DIP Server |
|
bma.exe (for XP + W2003 only) |
10098+x (x configurable) |
outgoing |
(bRemote invitation) |
bRemote Viewer |
|
bma.exe |
10092 TCP |
outgoing |
(JobTransfer, Inventory, Announce, OS Install) |
bServer |
|
bma.exe |
10087 UDP |
incoming |
(Server Push) |
-- |
|
bma.exe |
11000,11001 TCP |
incoming / outgoing (localhost) |
-- |
Traynotifier on localhost (only local release on client itself) |
|
bma.exe |
11000,11002 TCP |
incoming / outgoing (localhost) |
-- |
ShutdownJobController on localhost (only local release on client itself) |
|
bma.exe |
11000 TCP |
incoming (localhost) |
-- |
BMACmd on localhost (only local release on client itself) |
|
Windows |
7* UDP |
incoming |
(WOL) |
-- |
|
Windows |
SMB Ports |
incoming / outgoing |
(admin$ incoming / DIP$, BMS$ outgoing) |
bServer / DIP Server |
|
Windows |
3389 RDP |
incoming |
(bRemote) |
-- |
|
Windows |
7424,7425,7427 TCP (only XP / 2003) |
incoming |
(bRemote) |
-- |
|
Windows |
5900 TCP |
incoming |
(bRemote) |
-- |
|
Windows |
49152-65535 TCP/UDP |
incoming |
(bRemote Vista and higher, the port range can be configured, see Microsoft Support) |
-- |
|
Windows |
67, 69, 4011 UDP |
outgoing |
PXE Prot. (Boot Server, TFTP) |
bServer |
|
Windows |
68 UDP |
incoming |
PXE Prot. (DHCP) |
-- |
|
bfcrx |
10099 TCP |
incoming |
(Agent Installation) |
-- |
|
NetworkscannerAgent.exe |
random UDP port |
outgoing |
Network Scan job step, Port for SNMP requests |
-- |
Server
bServer
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
Windows |
ICMP |
outgoing |
-- |
-- |
|
Windows |
80/443 TCP |
outgoing |
Port 80 is required, for example, to download the CRLs (Certificate Revocation Lists), and a download of the CRLs is necessary to validate the URLs of the bMD services. |
Internet |
|
Windows |
Active Directory access |
outgoing |
-- |
Active Directory |
|
Windows |
SMB Ports |
incoming / outgoing |
(BMS$ incoming / DIP$ outgoing) |
DIP$ |
|
Windows |
1433 TCP |
outgoing |
Database |
Database server |
|
Windows |
443 TCP |
incoming |
Kiosk (client) |
-- |
|
baranet.exe |
10081 TCP |
incoming |
HTTPMOC |
-- |
|
bServiceHost.exe |
67, 69, 4011 UDP |
incoming (outgoing Source port of the client) |
PXE Prot. (Boot Server, TFTP) |
-- |
|
bServiceHost.exe |
68 UDP |
outgoing |
PXE Prot. (DHCP) |
Client |
|
bServiceHost.exe |
7* UDP |
outgoing |
(WOL) |
Client |
|
bServiceHost.exe |
10083 TCP |
outgoing |
DIPSync |
DIP Server |
|
bServiceHost.exe |
10086 UDP |
incoming |
WOL- and PXE-Relay |
-- |
|
bServiceHost.exe |
10086 UDP |
outgoing |
WOL- and PXE-Relay |
PXE Relay Server |
|
bServiceHost.exe |
10087 UDP |
outgoing |
(Server Push) |
Client |
|
bServiceHost.exe |
10088 TCP |
incoming |
bRemote |
-- |
|
bServiceHost.exe |
10092 TCP |
incoming |
(JobTransfer, Inventory, Announce, OS Install) |
-- |
|
bServiceHost.exe |
10099 TCP |
outgoing |
(Agent Installation) |
Client (bfcrx) |
|
bServer.exe |
80 TCP |
incoming |
bMD Crl Download (Only necessary for Windows Mobile, if no GW operation. Not necessary when starting with bMD from 2016 R1.) |
-- |
|
bServer.exe |
443 TCP |
incoming |
bConnect, bMD |
-- |
|
bServer.exe |
10085 TCP |
incoming |
bMC, bRemoteViewer, bMOL, Boot Media Wizard, SNMPScanner |
bMC |
|
bServer.exe |
10091 TCP |
incoming |
Database Manager |
(localhost) |
|
bServer.exe |
636 and 88 TCP, 389 TCP/UDM |
outgoing |
LDAPS/LDAP-Kommunikation für AD Sync Module, Kerberos |
Active Directory Server |
|
bServer.exe |
7222 TCP |
incoming |
Network Discovery Scanner |
|
|
bCloudConnectorJobInformation.exe |
443/WebSockets |
outgoing |
Cloud Connector Job Information sends the bMS job information to Microsoft Azure (Argus Cockpit) |
Azure (Argus Cockpit) |
|
bServer.exe |
RandomPort 1024-65535 |
ingoing |
Webview displays |
|
|
bServer.exe |
443 TCP |
outgoing |
bMD: Access to online services |
|
|
bCloudConnectorServerState.exe |
443/WebSockets |
outgoing |
Cloud Connector Server State sends the bServer server state to Microsoft Azure (Argus Cockpit) |
Azure (Argus Cockpit) |
|
bCloudConnectorDynamicGroups.exe |
443/WebSockets |
outgoing |
Cloud Connector Dynamic Groups sends the Universal Dynamic Groups with enabled Argus synchronization (with the included endpoints) to Microsoft Azure (Argus Cockpit) |
Azure (Argus Cockpit) |
DIP Server
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
Windows |
SMB Ports |
incoming |
DIP$ share |
-- |
|
Windows |
10083 TCP |
incoming/outgoing |
DIPSync.bBT |
DIP Server, client |
PXE Relay
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bServer.exe |
10086 UDP |
incoming |
WOL with PXE Relay |
-- |
|
bServer.exe |
67, 69, 4011 UDP |
incoming (outgoing source port of clients) |
PXE Prot. (Boot Server, TFTP) |
-- |
|
bServer.exe |
68 UDP |
outgoing |
PXE Prot. (DHCP) |
Client |
|
Windows |
7* UDP |
incoming |
(WOL) |
-- |
|
Windows |
1433 TCP |
outgoing |
Database |
Database server |
Management Components (Client/Server)
bMC
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
AnyDesk-d01121d5.exe |
TCP 443/80/6568 |
outgoing |
Connection to the relay Relay server for establishing connection and transferring the session (only one of the ports is needed) |
*.net.anydesk.com |
|
AnyDesk-d01121d5.exe |
TCP 7070 |
outgoing |
Optional direct port for connection to the target host if not communicating via the Relays server |
bMA integated Anydesk Client auf target client system |
|
bServer.exe |
10085 TCP |
outgoing |
Management |
bServer |
|
bServer.exe |
SMB Ports |
outgoing |
-- |
bServer, DIP Server |
|
bServer.exe |
1433 TCP |
outgoing |
Reports |
Database server |
|
bMC.exe |
636 TCP, 389 TCP/UDP |
outgoing |
LDAPS/LDAP communication for configuration of AD syncs |
Active Directory Server |
|
bMC.exe |
RandomPort 1024-65535 |
outgiong |
Webview displays |
bServer |
bRemoteViewer
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bRemoteViewer.exe |
10085 TCP |
outgoing |
Connection to bServer |
-- |
|
bRemoteViewer.exe |
10098 bis 10098+x (x configurable) |
incoming |
bRemote bMA channel |
-- |
|
bRemoteViewer.exe |
3389 RDP |
incoming |
bRemote RDP protocol |
-- |
|
bRemoteViewer.exe |
7424,7425,7427 TCP (nur XP / 2003) |
incoming |
bRemote Windows XP/2003 Remote protocol |
-- |
|
bRemoteViewer.exe |
5900 TCP |
incoming |
bRemote VNC protocol for Windows PE |
-- |
baramundi Mobile Devices
bServer
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bServer.exe |
443 TCP |
incoming |
Communication bMD |
-- |
|
bServer.exe |
443 TCP |
outgoing |
baramundi Android Enterprise Service / Google EMM Service |
-- |
iOS Hub
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bServer_iOSHub.exe |
443 TCP |
outgoing |
Apple Push |
-- |
|
bServer_iOSHub.exe |
443 TCP |
incoming |
Communication bMD |
-- |
|
bServer_ApplePush.exe |
443 TCP |
outgoing |
Apple Push |
-- |
Android Hub
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bServer_AndroidHub.exe |
443 TCP |
outgoing |
Android Push |
-- |
|
bServer_AndroidHub.exe |
443 TCP |
incoming |
Communication bMD |
-- |
bMD Gateway
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bGateway.exe |
443 TCP |
incoming / outgoing |
Communication bMD |
bServer |
Mobile Devices (iOS, Android)
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
All platforms |
443 TCP |
outgoing |
Communication bMD |
bServer or bMD Gateway |
|
Android |
5228,5229,5230 TCP |
outgoing |
Connection with Google Push Service |
Google Cloud |
|
Android |
443/80/6568 TCP |
outgoing |
Connection to the relay server for establishing a connection and transferring the session (only one of the ports is required) |
*.net.anydesk.com |
|
Android Enterprise |
443 TCP |
outgoing |
Connection to Google Play services; needed for App Deploy, Managed Google Play Store |
Google Cloud |
|
iOS |
5223 TCP |
outgoing |
Connection with Apple Push Service |
Apple Cloud |
|
iOS |
443/80/6568 TCP |
outgoing |
Connection to the relay relay server for establishing the connection and transferring the session (only one of the ports is required) |
*.net.anydesk.com |
Cloud-Enabled Endpoint Management
bServer
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bServer.exe |
443 TCP |
incoming |
Communication with baramundi Gateway |
-- |
|
bServiceHost.exe |
10092 TCP |
incoming |
Communication with baramundi Gateway |
-- |
Gateway
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bGateway.exe |
443 TCP |
incoming |
Communication with devices in Internet mode |
bServer |
|
bGateway.exe |
10092 TCP |
outgoing |
Forwarding job/file transfer and control messages (to bServiceHost.exe) |
-- |
|
bGateway.exe |
10083 TCP |
outgoing |
Communication with DIP Server (bBT) |
-- |
|
bGateway.exe |
443 TCP |
outgoing |
Communication with bServer.exe |
bServer |
DIP Server
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
DIP Server |
10083 TCP |
incoming |
bBT via Gateway |
-- |
Client
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bma.exe |
443 TCP |
outgoing |
Job transfer/Control messages/CRL-Download/Enrollment |
-- |
|
bma.exe |
80 TCP |
outgoing |
CRL download (Depending on the certification authority. Not required for standard with bMS certificates) |
-- |
|
Windows (BITS) |
443 TCP |
outgoing |
Data tansfer (bBT)/CRL-Download |
-- |
|
Windows (BITS) |
80 TCP |
outgoing |
CRL-Download (Depending on the certification authority. Not required for standard with bMS certificates) |
-- |
Client (Extended Mode)
|
Device |
Port |
Direction |
Description |
Target outgoing |
|---|---|---|---|---|
|
bma.exe |
443 TCP |
outgoing |
Job transfer and control messages |
-- |
|
bma.exe |
SMB-Ports |
outgoing |
Data transfer |
-- |
|
Windows (BITS) |
10083 TCP |
outgoing |
Data transfer (bBT) |
-- |
baramundi VPN
bServer
|
Device/Service |
Port |
Direction |
Description |
Destination outgoing |
|---|---|---|---|---|
|
bServer.exe |
443 |
outgoing |
Configuration of the VPN appliance via the API |
baramundi VPN appliance API |
baramundi VPN appliance
|
Device/Service |
Port |
Direction |
Description |
Destination outgoing |
|---|---|---|---|---|
|
API implementation (nginx) |
443 |
incoming |
Interface for configuring the VPN appliance |
-- |
|
OpenVPN service |
1194 (default) |
incoming |
VPN connection interface of the VPN clients |
-- |
|
OpenVPN service |
[ports required to connect to the internal LAN] |
outgoing |
Connection to the internal LAN |
Interfaces in the internal LAN |
|
Debian OS installation |
443 |
outgoing |
Download the installation files and updates |
debian.inf.tu-dresden.de |
|
Debian OS installation |
123 (NTP) |
outgoing |
Time server synchronization |
0.debian.pool.ntp.org |
|
Debian OS installation |
443 |
outgoing |
Python dependencies |
pypi.org pythonhosted.org |
Mobile Devices
|
Device/Service |
Port |
Direction |
Description |
Destination outgoing |
|---|---|---|---|---|
|
IOS/Android |
1194 (default) |
outgoing |
Interface for configuring the VPN appliance |
baramundi VPN appliance |