Skip to main content

Default TCP and UDP Port Usage

FileWave software uses the below-listed TCP/IP ports. These are default settings and may be configured to listen on different ports if required. Consider FileWave Server should not have IPv6 enabled for the best experience.

Port Testing

Please consider downloading the FileWave Port Testing macOS/Windows utility to confirm communication of Google Cloud Messaging, Apple Push Notifications and connectivity between device network(s) and Server/Boosters.

The following may be run from the server to confirm Apple, Microsoft, and FileWave services:

Server Command Line

sudo /usr/local/filewave/python/bin/python /usr/local/filewave/django/manage.pyc check_connections

TeamViewer Ports

TeamViewer has an additional set of ports to consider:

https://community.teamviewer.com/English/kb/articles/4139-ports-used-by-teamviewer

FileWave Server Ports

MDM default port is now 20445 as shown throughout this KB. On older versions of FileWave, this was 20443. To confirm the defined port, check the Port setting in FileWave Central > Preferences > Mobile > MDM Server > Port

The ports in this table are listed from the FileWave Server’s perspective, so the “Server In/Out” column indicates the direction of traffic relative to the Server.

Server Ports Service Protocol Server In/Out Description
80 HTTP TCP Outgoing

FileWave Software Updates (apple.com & microsoft.com) ***

443 HTTPS TCP Outgoing * FileWave License Server (fwks.filewave.com & logstash.filewave.com)

* FileWave Software Updates (apple.com) ***

* FileWave/TeamViewer Session Server (rcs.filewave.com)

* FileWave/TeamViewer Push Notification Server (fwpn.filewave.com)

* FileWave Kiosk ( *.filewave.cloud )

* FileWave AutoPkg integration (le7bqzikha.execute-api.us-east-1.amazonaws.com)
* FileWave Software Updates (apple.com & microsoft.com) ***

443 HTTPS TCP Incoming

* API endpoints - Anywhere API (v2 API)

* Device to Server (Enrollment URL) - Google/Azure/Okta

20015 Proprietary TCP Incoming

DO NOT OPEN

FileWave Client to Server; Legacy, but should be configured only.

SSL traffic will run on 20017. 

(Removed in FileWave 15.4+)

Server no longer listens on this port.

20016 SSL TCP Incoming FileWave Central to Server
20017 SSL TCP Incoming

FileWave Client to Server: Secure

Set port 20015, not 20017, in Client Configuration

20019 SSL TCP Incoming Booster to Server: Priority Traffic
20022 SSL TCP Incoming FileWave Central to Server: NATS

 

FileWave Client to Server: NATS

IVS to Server: NATS

20023 SSL TCP Incoming

FileWave Booster to Server: NATS

20124 SSL TCP Incoming FileWave Server JSON Websockets (JWT)  Websocket connections for NATS SERVER used between FW Anywhere and FW Server.
20441 Proprietary TCP Incoming FileWave Client to Server: Remote Client Monitor
20443 HTTPS TCP Incoming

* FileWave Client to Server: Inventory

* Apple Devices to Server: Inventory, Profiles, DDM, MDM

* Android Devices to Server: Companion App

* Chromebook to Server: Inventory

* Booster to Server: Inventory/Discovery
* API endpoints - Command Line API (v1)

* App Portal to Server

* FileWave Central and FileWave Anywhere to Dashboard

20445 HTTPS TCP Incoming
20446 HTTPS TCP Incoming FileWave Central and FileWave Anywhere to Dashboard

(Removed in FileWave 16.0+)

Server no longer listens on this port.

NATS includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications
*** Also used by FileWave Central to vendor Software Update Servers.

Configuring port 20015 also automatically configures SSL port; 20017 [port entered +2].  20015 is now deprecated and 20017 will be used where 20015 is set.  Open port 20017 alone for Client communication.

FileWave Kiosk Ports

The ports in this table are listed from the Kiosk on the Client's perspective, so the “In/Out” column indicates the direction of traffic relative to the macOS or Windows Kiosk running there.

Kiosk Ports Service Protocol In/Out Description
443 HTTPS TCP Out Devices to *.filewave.cloud (To download the Kiosk App)
20443 HTTPS TCP Out Devices to FileWave Server
20445 HTTPS TCP Out Devices to FileWave Server

FileWave Client Ports

The ports in this table are listed from the FileWave Client's perspective, so the “In/Out” column indicates the direction of traffic relative to the macOS or Windows Client.

Client Ports Service Protocol In/Out Description
443 HTTPS TCP Out FileWave Software Updates (apple.com & microsoft.com) ***
20010 Proprietary TCP In

FileWave Central to Client: Client Monitor: macOS, Windows & Android APK

(Removed in FileWave 16)

Client no longer listens on this port.

*** Also used by FileWave Central to vendor Software Update Servers.

image.png

FileWave Booster Ports

The ports in this table are listed from the Booster's perspective, so the “In/Out” column indicates the direction of traffic relative to the Booster.

Booster Ports Service Protocol In/Out Description
443 HTTPS TCP Out FileWave Software Updates (microsoft.com) ***
20013 Proprietary TCP Incoming

DO NOT OPEN

FileWave Client to Booster; legacy, but should be configured only.

SSL traffic will run on  20014.

Booster no longer listens on this port.

20014 SSL TCP Incoming

FileWave Client to Booster: Secure (Booster Priority fallback) 

Set port 20013, not 20014, in Booster Configuration

20018 SSL TCP Incoming Booster to Booster: Priority Traffic
20026 SSL  TCP Incoming FileWave Client to Booster connections using NATS Server
20030 SSL TCP Incoming FileWave Client to Booster for Windows OS updates

NATS includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications
*** Also used by FileWave Central to vendor Software Update Servers.

Configuring port 20013 also automatically configures SSL ports; 20014 [port entered +1] and 20018 [port entered + 5].  20013 is now deprecated and 20014 will be used where 20013 is set.  Open port 20014 alone for Client to Booster communication.  Open ports 20014 and 20018 for Booster to Booster communication.

Booster should be able to connect with Microsoft OS Updates URL, if using FileWave to manage Windows Software Updates.


image.png

Apple MDM Ports

The ports in this table are listed from the FileWave Server’s perspective, so the “Server In/Out” column indicates the direction of traffic relative to the Server and these ports are specifically those needed to manage Apple devices. Apple devices will also need to reach the Apple servers on 17.0.0.0/8.

Apple MDM Ports Service Protocol Server In/Out Description
443 HTTPS TCP Outgoing

FileWave Server to Apple's servers (17.0.0.0/8)

FileWave Admin to iTunes, DEP & VPP (17.0.0.0/8)

Device to iTunes, DEP & VPP (17.0.0.0/8)

443 HTTPS TCP Incoming

VPP v2 Notifications from Apple

5223 APNS TCP Outgoing FileWave Server to Apple's servers (17.0.0.0/8)
20443 HTTPS TCP Incoming Device to Server: Profiles & MDM
20445 HTTPS TCP Incoming FileWave Central to Server

image.png

Android EMM Ports

The ports in this table are listed from the FileWave Server’s perspective, so the “Server In/Out” column indicates the direction of traffic relative to the Server and these ports are specifically those needed to manage Android devices. Android devices will also need to reach the Google's servers.

Android EMM Ports Service Protocol Server In/Out Description
443 HTTPS TCP Outgoing

Server to EMM commands (androidmanagement.googleapis.com)

Device to Activation servers (*.clients.google.com)

Device to Play Store (play.google.com)

EMM commands (androidmanagement.googleapis.com)

FileWave Central to Play Store (play.google.com)

20016 SSL TCP Incoming FileWave Central to Server
20445 HTTPS TCP Incoming FileWave Central to Server: Inventory

Companion App to Server: Location Tracking

image.png

Chromebook Ports

The ports in this table are listed from the FileWave Server’s perspective, so the “Server In/Out” column indicates the direction of traffic relative to the Server and these ports are specifically those needed to manage Google Chromebook devices. Chromebook devices will also need to reach the Google's servers.

Chromebook Ports Service Protocol Server In/Out Description
443 HTTPS TCP Outgoing

Server to Chrome API

Chromebook to Chrome API (www.googleapis.com)

20016 SSL TCP Incoming FileWave Central to Server
20445 HTTPS TCP Incoming

FileWave Central to Server

Chromebook Inventory Extension to Server

image.png

Windows MDM Ports

The ports in this table are listed from the FileWave Server’s perspective, so the “Server In/Out” column indicates the direction of traffic relative to the Server and these ports are specifically those needed to manage Windows MDM devices. Windows devices will also need to reach the Microsoft's servers.

Windows MDM Ports Service Protocol Server In/Out Description
443 HTTPS TCP Incoming Device to Server (Enrollment URL)
443 HTTPS TCP Outgoing

Server to Windows MDM (*.azure.com)

Device to Windows MDM (*.azure.com)

NOTE: The FileWave client will also be installed and all previously listed FileWave client ports are required.

image.png


FileWave IVS Ports

IVS Ports Service Protocol From To Notes Open port on...
67 DHCP UDP Client IVS ‡‡ IVS
69 TFTP UDP Client IVS ‡‡ IVS
80 HTTP TCP

Client

IVS
IVS
111 NFS TCP/UDP Client IVS IVS
4011 DHCP UDP Client IVS UEFI PXE‡‡ IVS
2049 NFS TCP/UDP  
Client to IVS‡ (Removed in FileWave 15.5+) IVS
20015 Proprietary TCP

IVS to Server (Removed in FileWave 15.4+) Server
20016 SSL TCP IVS Server
Server
20017 SSL TCP IVS Server
Server
20022 SSL TCP IVS Server NATS Server
20443 HTTPS TCP IVS Server Inventory Server
20444
HTTPS
TCP
Server IVS

Non Hosted Only

IVS



Client IVS



IVS

IVS Django

20490 VPN TCP/UDP Client IVS IVS
20445 HTTPS TCP IVS Server Inventory Server

TCP/IP & UDP
‡‡ UDP only