Resilio Active Everywhere uses specific ports and protocols to properly function. Depending on the network your Agents are in, these must be open to let traffic flow between the Agents, Management Console, and the Tracker Server. The Management Console communicates with the Agents using TCP.
Once the Management Console and Agents are communicating, the Resilio Active Everywhere Agents must also be able to transfer data to and from other Agents. Agents transfer data to each other using TCP and UDP. To make this possible the necessary ports must be opened and forwarded on all firewalls, NATs, and routers between the Agents.
The table below contains default values for the ports used by Resilio Active Everywhere. Ports can be customized in Management Console configuration file and the profile.
Management Console |
||
Port | Protocol | Description |
8443 | TCP | Management Console web interface. |
8444 | TCP | Resilio Agent control traffic. |
8445 | TCP |
Resilio Agent events and logs. Note: Port 8445 is optional and only used when Management Console saves events to events.log. |
8446 | TCP |
API gateway. Note: Required for new installations v3.8.0 by default. For MC updated from previous version it's required only if enabling the API gateway in the configuration file. |
3000 | TCP and UDP |
Tracker service. Note: By default, the tracker runs on the same machine as the Management Console, but it can be placed on another machine if preferred. |
1080 | TCP (outgoing) | Connection to Resilio Proxy |
Additionally, Management Console reaches out to the following Resilio's public servers:
|
||
Agent |
||
Port | Protocol | Description |
3000 | TCP and UDP |
Tracker Server Note: UDP is optional and if your organization doesn't allow it the Tracker will still work. |
3839 | TCP and UDP |
Data transfer between agents. Note: If each of the Agents is behind a NAT or firewall (pfSense in particular), it may required to:
Note: Connect Agents can be configured to transfer data using only TCP or UDP if your organization limits the transmission of one these protocols |
3838 | Multicast UDP (239.192.0.0) |
LAN agent discovery. Note: Multicast is optional and if your organization doesn't allow it there are other ways to enable Connect Agents to transfer data. |
1900 | UDP multicast to 239.255.255.250 |
UPnP and NAT-PMP. Note: Multicast is optional and if your organization doesn't allow it there are other ways to enable Connect Agents to transfer data. |
5351 | TCP unicast | |
3328 | TCP and UDP |
Connection to Proxy server. Note: Additional custom port might be required. |
Proxy ServerNote: Applicable only to deployments with Proxy Servers. |
||
Port | Protocol | Description |
1080 | TCP (incoming) | Connection from Management Console |
3328 | TCP and UDP (incoming) | Connection from agents to proxy server (additionally, custom port might be required) |
Port Forwarding
If your Management Console (and default Tracker Server) are behind a Firewall and you have WAN based Agents, you may need to enable port forwarding from you WAN based IP address to your LAN based computer (hosting the Management Console) for the following:
Port | Protocol | Description |
8444, 8445 | TCP | Management Console |
3000 | TCP and UDP | Tracker Server |
Diagrams
Basic Configuration (Management Console, Tracker and Agents on the same LAN)
Advanced Configuration (Management Console and Tracker Server behind a Firewall, WAN-based Agents)
Agent Connection to Management Console
For Connect Agents to communicate with the Management Console, they require a configuration file (sync.conf) which contains the IP address (or DNS name), and security credentials of the Management Console. This is so they can:
- Establish a secure connection to the Management Console.
- Send file and job operation events.
- Connect to other Agents and receive Agent policy.