Skip to end of metadata
Go to start of metadata


FileWave software uses the below listed TCP/IP ports. These are defaults settings and may be configured to listen on different ports if required.

FileWave 13.3 changes are highlighted in green

Port Testing

Please consider downloading the FileWave Port Testing macOS/Windows utility to confirm communication of Google Cloud Messaging, Apple Push Notifications and between the device network(s) and Server/Boosters.

The following may be run from the server to confirm Apple, Microsoft and FileWave services:

Server Command Line
sudo /usr/local/filewave/python/bin/python /usr/local/filewave/django/manage.pyc check_connections

Default Port 20445

MDM default port is 20445 as shown throughout this KB. On older versions of FileWave this was 20443. To confirm the defined port, check the Port setting in FileWave Admin > Preferences > Mobile > MDM Server > Port

Topology Diagrams

Server PortsProtocol/ServiceServer In/OutDescription
80HTTPOutgoingFileWave Software Updates (apple.com & microsoft.com)
443HTTPSOutgoing

FileWave License Server (fwks.filewave.com & logstash.filewave.com)

FileWave Software Updates (apple.com)

20015ProprietaryIncomingFileWave Client to Server (Will be deprecated in a future release)
20016SSLIncomingFileWave Admin to Server
20017SSLIncomingFileWave Client to Server: Secure (replaces 20015)
20019SSLIncomingBooster to Server: priority traffic
20030VNCIncomingFileWave Client to Server: Remote Control Data
20005SSL**IncomingFileWave Client to Server: ZeroMQ*
20006SSL**IncomingFileWave Client to Server ZeroMQ*
19995Local OnlyIncomingServer local loop: Internal Messaging Publishing
20443HTTPSIncoming

FileWave Client to Server: Profiles

Booster to Server: Inventory/Discovery

20445HTTPSIncoming

FileWave Client to Server: Inventory

Booster to Server: Inventory/Discovery

20446HTTPSIncomingFileWave Admin and Web Admin to Dashboard

* ZeroMQ includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications

** Only encrypted when compatibility mode is disabled

Client PortsProtocol/ServiceServer In/OutDescription
20010Proprietary
FileWave Admin to Client: Client Monitor: macOS, Windows & Android APK
20020Local Only
FileWave Client local loopback for fwgui process to fwcld process (Kiosk)
20031Local Only
FileWave Client local loopback for Remote Control
◊ Listening only, unreachable from network
Apple MDM PortsProtocol/ServiceServer In/OutDescription
443HTTPSOutgoingAPNs to Apple's servers (17.0.0.0/8): starting from Version 13.0+

FileWave Admin to iTunes, DEP & VPP (17.0.0.0/8)

Device to iTunes, DEP & VPP (17.0.0.0/8)
2195APNSOutgoingAPNs to Apple's server (17.0.0.0/8) 
5223APNSOutgoingAPNs to Apple's servers (17.0.0.0/8)
20443HTTPSIncomingDevice to Server: Profiles & MDM
20445HTTPSIncoming

FileWave Admin to Server


Android EMM PortsProtocol/ServiceServer In/OutDescription
443HTTPSOutgoing

Server to EMM commands (androidmanagement.googleapis.com)


Device to Activation servers (*.clients.google.com), Play Store (play.google.com), EMM commands (androidmanagement.googleapis.com)

FileWave Admin to Play Store (play.google.com)

20016SSLIncomingFileWave Admin to Server
20445HTTPSIncoming

FileWave Admin to Server: Inventory

Companion App to Server: Location tracking


ChromebookProtocol/ServiceServer In/OutDescription
443HTTPSOutgoingServer to Chrome API

Chromebook to Chrome API (www.googleapis.com)
20016SSLIncomingFileWave Admin to Server
20445HTTPSIncomingFileWave Admin to Server

Chromebook Inventory Extension to Server (optional)

Android APK PortsProtocol/ServiceServer In/OutDescription
20015ProprietaryIncomingDevice to Server (Will be deprecated in a future release)
20016SSLIncomingFileWave Admin to Server
20017SSLIncomingDevice to Server: Secure (replaces 20015)
20010Proprietary
FileWave Admin to Device: Client Monitoring
20443HTTPSIncomingDevice to Server
20445HTTPSIncomingFileWave Admin to Server: Inventory
5228-5230GCMOutgoing

Server to Google Cloud Messaging


Device to Google Cloud Messaging

Booster PortsProtocol/ServiceServer In/OutDescription
20018SSL
Booster to Booster: priority traffic
20013ProprietaryIncoming

FileWave Client to Booster (Will be deprecated in a future release) (Booster Priority fallback)

20014SSLIncomingFileWave Client to Booster: Secure (replaces 20013) (Booster Priority fallback)
20003SSL††IncomingBooster to Server: ZeroMQ

Booster to Booster: ZeroMQ
20004SSL††IncomingBooster to Server: ZeroMQ

Booster to Booster: ZeroMQ

† ZeroMQ includes: Remote Control Publishing, Remote Control Routing, device renaming, revoking device certificates, push notifications

† Only encrypted when compatibility mode is disabled

IVS (Imaging) PortsProtocol/ServiceServer In/OutDescription
67DHCP
Client to IVS‡‡
69TFTP
Client to IVS‡‡
80HTTP
Client to IVS
111NFS
Client to IVS
4011DHCP
Client to IVS: UEFI PXE
2049NFS
Client to IVS
20444HTTPSOutgoingServer to IVS

Web Admin interface (Appliance only)

Client to IVS

TCP/IP & UDP

‡‡ UDP only

Engage PortsProtocol/ServiceServer In/OutDescription (Additional communication beyond other standard communication)
443HTTPSOutgoingServer to Engage

Client to Engage: (iOS .ipa, macOS .app and Browser)
20445HTTPS
Engage to server



Boosters

Booster ports 20018 and 20019 introduced in 13.3.1

Configuring port 20015 automatically configures port 20017(SSL). 20017 takes priority if available. Do not configure the Client/Booster to use 20017.

Configuring port 20013 automatically configures port 20014(SSL). 20014 takes priority if available. Do not configure the Client/Booster to use 20014.

Apple and macOS Client Devices

Communication between these components only

PortServerClientBoosterAdminKioskIVS
67
(tick)


(tick)
69
(tick)


(tick)
80(tick)




111
(tick)


(tick)
443(tick)




2049
(tick)


(tick)
4011
(tick)


(tick)
20003
(tick)(tick)


20004
(tick)(tick)


20005(tick)(tick)(tick)(tick)

20006(tick)(tick)(tick)(tick)

20010
(tick)
(tick)

20013
(tick)(tick)


20014
(tick)(tick)


20015(tick)(tick)(tick)


20016(tick)

(tick)

20017(tick)(tick)(tick)


20018

(tick)


20019(tick)
(tick)


20020
(tick)

(tick)
20030(tick)(tick)



20031
(tick)

(tick)
20443(tick)(tick)(tick)


20444(tick)(tick)


(tick)
20445(tick)(tick)(tick)(tick)

20446(tick)

(tick)

Boosters

Booster ports 20018 and 20019 introduced in 13.3.1. Booster routing relays some client communication through the Booster.

Configuring port 20015 automatically configures port 20017(SSL). 20017 takes priority if available. Do not configure the Client/Booster to use 20017.

Configuring port 20013 automatically configures port 20014(SSL). 20014 takes priority if available. Do not configure the Client/Booster to use 20014.

Apple and macOS Client Devices

Communication between these components only

PortServerClientBoosterAdminKioskIVS
67
(tick)


(tick)
69
(tick)


(tick)
80(tick)




111
(tick)


(tick)
443(tick)




2049
(tick)


(tick)
4011
(tick)


(tick)
20003
(tick)(tick)


20004
(tick)(tick)


20005(tick)(error)(tick)(tick)

20006(tick)(error)(tick)(tick)

20010
(tick)
(tick)

20013
(tick)(tick)


20014
(tick)(tick)


20015(tick)(error)(tick)


20016(tick)

(tick)

20017(tick)(error)(tick)


20018

(tick)


20019(tick)
(tick)


20020
(tick)

(tick)
20030(tick)(tick)



20031
(tick)

(tick)
20443(tick)(tick)(tick)


20444(tick)(tick)


(tick)
20445(tick)(tick)(tick)(tick)

20446(tick)

(tick)

macOS

macOS requires FileWave Client

Apple MDM Enrolled Devices

Communication between these components only

Port

Server

Devices

iTunes, DEP & VPP

Admin

APNS

80

(tick)



443(tick)(tick)(tick)(tick)(tick)
5223
(tick)

(tick)
20016(tick)

(tick)
20443(tick)(tick)


20445(tick)

(tick)

Boosters

Companion App only required for additional services, e.g Location Tracking.

Android EMM Enrolled Devices

Communication between these components only

Port

Server

Devices

Play

Companion App

EMM

Admin

80

(tick)




443

(tick)(tick)(tick)(tick)(tick)(tick)

20016

(tick)



(tick)

20445

(tick)



(tick)
5228(tick)




5229(tick)




5230(tick)




Chromebook

Inventory Extensions only required for additional inventory

Chromebook

Communication between these components only

Port

Server

Devices

Play

Companion App

EMM

Admin

443

(tick)(tick)(tick)(tick)(tick)(tick)

20016

(tick)



(tick)

20445

(tick)



(tick)

Android APK

Requires Android APK (Legacy Devices)

Android APK Devices

Communication between these components only

Port

Server

Devices

Google Cloud

Admin

80

(tick)


443

(tick)


20016

(tick)

(tick)
20443(tick)(tick)

20445(tick)

(tick)
5228(tick)


5229(tick)


5230(tick)


Devices

Requires devices are configured based upon other topologies necessary

FileWave Engage

Communication between these components only

Port

Server

Devices

Engage Server

Admin

Engage App

443

(tick)(tick)(tick)
(tick)

20005

(tick)(tick)


20016

(tick)

(tick)

20443

(tick)

(tick)
20445(tick)
(tick)(tick)
5228(tick)



5229(tick)



5230(tick)