Port and ICMP Requirements for an Agent Management Job
Certain ports are required on the endpoint during the installation process of the Agent Management Job. Firewall configuration changes may be required to access applicable ports.
If your firewall policies cannot allow needed port access, contact Ivanti Support (https://forums.ivanti.com/s/contactsupport) for a recommended configuration.
On the endpoint, open the ports listed in the following table.
|
Required Ports |
Direction |
Description |
|---|---|---|
|
Inbound |
Ivanti Endpoint Security uses these ports to access the endpoint during the installation of the Agent Management Job. After the Agent Management Job completes, you can close these ports. Tip: In addition, the Discovery Scan Job also use these ports to discover information about the endpoint. |
|
Outbound |
Following agent installation, the Ivanti Endpoint Security Agent uses these ports to register and communicate with the Ivanti Endpoint Security server. After the Agent Management Job completes, you need to leave these ports open. |
Both the Discovery Scan Job and the Agent Management Job requires the endpoint to accept ping requests from the Ivanti Endpoint Security server. Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. Therefore, you need an exception within your endpoint firewall for inbound Internet Control Message Protocol (ICMP) echo request.
Refer to Enable or disable Internet Control Message Protocol requests for ICF for additional information.