Default TCP and UDP Port Usage
FileWave software uses the below-listed TCP/IP ports. These are default settings and may be configured to listen on different ports if required. Consider FileWave Server should not have IPv6 enabled for the best experience.
Port Testing
Please consider downloading the FileWave Port Testing macOS/Windows utility to confirm communication of Google Cloud Messaging, Apple Push Notifications and connectivity between device network(s) and Server/Boosters.
The following may be run from the server to confirm Apple, Microsoft, and FileWave services:
Server Command Line
sudo /usr/local/filewave/python/bin/python /usr/local/filewave/django/manage.pyc check_connections
TeamViewer Ports
TeamViewer has an additional set of ports to consider:
https://community.teamviewer.com/English/kb/articles/4139-ports-used-by-teamviewer
FileWave Server Ports
MDM default port is now 20445 as shown throughout this KB. On older versions of FileWave, this was 20443. To confirm the defined port, check the Port setting in FileWave Central > Preferences > Mobile > MDM Server > Port
Server Ports | Service | Protocol | Server In/Out | Description |
80 | HTTP | TCP | Outgoing |
FileWave Software Updates (apple.com & microsoft.com) *** |
443 | HTTPS | TCP | Outgoing | FileWave License Server (fwks.filewave.com & logstash.filewave.com)
FileWave Software Updates (apple.com) *** FileWave/TeamViewer Session Server (rcs.filewave.com) FileWave/TeamViewer Push Notification Server (fwpn.filewave.com) |
443 | HTTPS | TCP | Incoming |
API endpoints - Anywhere API (v2 API) Device to Server (Enrollment URL) - Google/Azure/Okta |
20015 | Proprietary | TCP | Incoming | FileWave Client to Server; Legacy but should be used as the port by the Agent. SSL traffic will run on 20017. (Server does not listen to this port in FileWave 15.4+) |
20016 | SSL | TCP | Incoming | FileWave Central to Server |
20017 | SSL | TCP | Incoming | FileWave Client to Server: Secure |
20019 | SSL | TCP | Incoming | Booster to Server: Priority Traffic |
20022 | SSL** | TCP | Incoming | FileWave Central to Server: NATS
FileWave Client to Server: NATS IVS to Server: NATS |
20023 | SSL** | TCP | Incoming | FileWave Booster to Server: NATS |
20124 | SSL | TCP | Incoming | FileWave Server JSON Websockets (JWT) Websocket connections for NATS SERVER used between FW Anywhere and FW Server. (Added 14.10.0) |
20441 | Proprietary | TCP | Incoming | FileWave Client to Server: Remote Client Monitor |
20443 | HTTPS | TCP | Incoming | FileWave Client to Server: Profiles
Booster to Server: Inventory/Discovery |
20445 | HTTPS | TCP | Incoming | FileWave Client to Server: Inventory
Booster to Server: Inventory/Discovery |
20446 | HTTPS | TCP | Incoming | FileWave Central and FileWave Anywhere to Dashboard |
- NATS includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications
** Only encrypted when compatibility mode is disabled
*** Also used by FileWave Central to vendor Software Update Servers.
Configuring port 20015 automatically configures port 20017(SSL)[port entered +2]. 20017 took priority if available. Do not configure Client/Booster to use port 20017. 20015 is now deprecated and 20017 will be used where 20015 is set.
FileWave Client Ports
Client Ports | Service | Protocol | In/Out | Description |
20443 | HTTPS | TCP | Out |
FileWave Kiosk ( *.filewave.cloud ) |
20010 | Proprietary | TCP | In | FileWave Central to Client: Client Monitor: macOS, Windows & Android APK |
FileWave Booster Ports
Booster Ports | Service | Protocol | Server In/Out | Description |
20013 | Proprietary | TCP | Incoming | FileWave Client to Booster; legacy (Booster does not listen to this port in FileWave 15.4+) |
20014 | SSL | TCP | Incoming | FileWave Client to Booster: Secure (Booster Priority fallback) |
20018 | SSL | TCP | Incoming | Booster to Booster: Priority Traffic |
20026 | SSL †† | TCP | Incoming | FileWave Client to Booster connections using NATS Server |
† NATS includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications
†† Only encrypted when compatibility mode is disabled
Configuring port 20013 automatically configures port 20014(SSL) [port entered +1]. 20014 took priority if available. Do not configure Client/Booster to use port 20014. 20013 is now deprecated and 20014 will be used where 20013 is set.
Apple MDM Ports
Apple MDM Ports | Service | Protocol | Server In/Out | Description |
443 | HTTPS | TCP | Outgoing |
FileWave Server to Apple's servers (17.0.0.0/8) FileWave Admin to iTunes, DEP & VPP (17.0.0.0/8) Device to iTunes, DEP & VPP (17.0.0.0/8) |
443 | HTTPS | TCP | Incoming |
VPP v2 Notifications from Apple |
5223 | APNS | TCP | Outgoing | FileWave Server to Apple's servers (17.0.0.0/8) |
20443 | HTTPS | TCP | Incoming | Device to Server: Profiles & MDM |
20445 | HTTPS | TCP | Incoming | FileWave Central to Server |
Android EMM Ports
Android EMM Ports | Service | Protocol | Server In/Out | Description |
443 | HTTPS | TCP | Outgoing |
Server to EMM commands (androidmanagement.googleapis.com) Device to Activation servers (*.clients.google.com) Device to Play Store (play.google.com) EMM commands (androidmanagement.googleapis.com) FileWave Central to Play Store (play.google.com) |
20016 | SSL | TCP | Incoming | FileWave Central to Server |
20445 | HTTPS | TCP | Incoming | FileWave Central to Server: Inventory
Companion App to Server: Location Tracking |
Chromebook Ports
Chromebook Ports | Service | Protocol | Server In/Out | Description |
443 | HTTPS | TCP | Outgoing |
Server to Chrome API Chromebook to Chrome API (www.googleapis.com) |
20016 | SSL | TCP | Incoming | FileWave Central to Server |
20445 | HTTPS | TCP | Incoming |
FileWave Central to Server Chromebook Inventory Extension to Server |
Windows MDM Ports
Windows MDM Ports | Service | Protocol | Server In/Out | Description |
443 | HTTPS | TCP | Incoming | Device to Server (Enrollment URL) |
443 | HTTPS | TCP | Outgoing |
Server to Windows MDM (*.azure.com) Device to Windows MDM (*.azure.com) |
NOTE: The FileWave client will also be installed and all previously listed FileWave client ports are required.
FileWave IVS Ports
IVS (Imaging) Ports | Service | Protocol | Server In/Out | Description |
67 | DHCP | UDP | Client to IVS‡‡ | |
69 | TFTP | UDP | Client to IVS‡‡ | |
80 | HTTP | TCP | Client to IVS | |
111 | NFS | TCP/UDP | Client to IVS‡ | |
4011 | DHCP | TCP/UDP | Client to IVS: UEFI PXE‡ | |
2049 | NFS | TCP/UDP | Client to IVS‡ (Removed in FileWave 15.5+) | |
20490 | VPN | TCP/UDP | Client to IVS‡ | |
20015 | Proprietary | TCP | Incoming | IVS to Server (Removed in FileWave 15.4+) |
20016 | SSL | TCP | Incoming | IVS to Server |
20017 | SSL | TCP | Incoming | IVS to Server: Secure |
20022 | SSL | TCP | Incoming | Imaging Server to FileWave Server NATS |
20443 | HTTPS | TCP | Incoming | IVS to Server: Inventory |
20444 | HTTPS | TCP | Incoming |
Server to IVS Client to IVS FileWave Anywhere interface (Appliance only) |
20445 | HTTPS | TCP | Incoming | IVS to Server: Inventory |
‡ TCP/IP & UDP
‡‡ UDP only
3 Comments
When ports are added/removed, will the port tester applications be updated as well (in terms of what ports are auto-populated)?
In reply to #1
Thank Sean. The challenge can be when a port is removed or added in version 2.0 we still support 1.0 so there's sometimes a lag, and there were a lot of port changes in the 14.7 - 15.0 releases. That one port though that we are removing now I think stayed too long. In the future it might be nicer if the tool asked what version of FW server it was testing against and then loaded the appropriate list but I also hope we don't go through such a big change in port numbers again.
thanks for literally highlighting 20015!