The following are the communication ports used by Aranda Device Management (ADM) in Cloud environments. The network needs to be configured to allow communications over these ports.
Servidor ADM Conserver
Machines on local networks can connect to a Conserver (server on the network local) to work with local connections and have additional functionalities.
| 80 (HTTP) or 443 (HTTPS) | TCP, UDP | Input port: Required for agents connection to the conserver server |
| 1884 | MQTT | Required for output only, intended for connection to the MQTT Broker |
⚐ Notes:
- For agent distribution devices must be within the same LAN, the devices are required to have the shared admin$ resource.
- It is required that the Windows User of Aranda with whom the installation and deployment of Agents will be carried out has Installation permissions, preferably administrator of the corresponding machines.
- For Linux and Mac operating systems, the use of the root user is required for the deployment of the agent.
Discovery Agent
When the client requires discovery functionality, it is must enable protocols so that equipment can be found and identified on the local network.
| 137 (Optional) | NETBIOS | Required for egress only, intended for device discovery by the NETBIOS protocol |
| 22 (Optional) | SSH | Required for egress only, intended for device discovery by SSH protocol |
| 389 (Optional) | TCP, UDP | Required for output only, intended for discovery by LDAP |
| 161 (Optional) | SMNP | Required for egress only, intended for device discovery by SMNP protocol |
⚐ Notes:
- Port 80 (HTTP) is required if the server is not configured with HTTPS and the appropriate SSL certificates. The client must enable the HTTPS protocol and not through the HTTP protocol.
- It is not necessary to always enable all protocols. The ADM Discovery Module allows you to enable the protocols that are required in the process.
ADM Agents
The Agents are installed on each of the computers that are going to be managed through the through ADM. In conserver architectures, agents are installed on machines through a distributed process guided from the console, however, there are multiple deployment alternatives which can be combined to cover different infrastructure scenarios.
The ports used in ADM vary depending on the architecture and functionalities required.
ADM Agent (Cloud Architecture)
| 80 (HTTP) or 443 (HTTPS) | TCP, UDP | Required for output only, intended for connection to ADM repserver or ADM Conserver |
| 1884 | MQTT | Required for output only, intended for connection to the MQTT Broker |
| WebSockets | They establish a persistent bidirectional connection between the ADM agent and the server, required for remote management functionality. |
⚐ Notes:
- For remote administration functionality, the device where the agent is installed must be able to display the repserver’s notification server site: https://Dominio/repserver/Notificationmessage.
- View functionality Remote Management
ADM Agent (With Discovery Capabilities)
| 137 (Optional) | NETBIOS | Ingress port, intended for device discovery by the NETBIOS protocol |
| 22 (Optional) | SSH | Input port, intended for device discovery via the SSH protocol |
| 389 (Optional) | TCP, UDP | Inbound port, intended for discovery by LDAP |
| 161 (Optional) | SMNP | Input port, intended for device discovery by SMNP protocol |
⚐ Notes:
- It is not necessary to always enable all protocols. The ADM discovery allows you to enable the protocols that are required in the process.
- The ADM agent uses two local ports to establish outbound connection (TCP) such as the connection to the MQTT Broker and communications between agent processes, it handles the ip of the localhost and is dynamic, chosen by the network card, usually ranges greater than 1023 to 65535 are used. It does not require you to do anything in the configuration.
ADM Agent (With Remote Control Functionality)
For remote control functionality in a cloud and on-premises architecture, the ADM agent installs a Workstation Agent called “Aranda Remote Control Worksation”, for the automatic installation to be performed the ADM agent must be able to visualize the domain of the repserver and everything that is after the installation is performed. / : https://Dominio/repserver/api/ and download files from that site.
To connect to these devices, install the Specialist Agent viewer, taking into account the following Requirements and ports for the two components of Remote Control Cloud and Onpremises