
STAS ports for "Configuration Sync"?

With CTAS, I found that the Windows Firewall ports documented here--

community.sophos.com/.../131610

--are incomplete. They do not include the ports required for the "Configuration Sync" feature, which I found (by temporarily enabling firewall logging) were TCP 27015 and UDP 50001. The KB article should be updated to reflect this.

About to set up STAS, and I didn't find a "Port Requirements for..." KB article for STAS. I'd guess they're the same, and I'll figure it out for myself if no one answers here.

But this also needs to be documented for STAS.

Or, for extra credit, do like most installers do these days and open the required ports in Windows Firewall during Setup!



This thread was automatically locked due to age.
  • Hi  

    For the port requirements of STAS, we have already documented the same details in the KBA below:

    https://community.sophos.com/kb/en-us/123156

    Relevant section from the above KBA:

    Configure the Windows Firewall and/or 3rd party firewall software to allow communication over the following ports:

    • AD Server: Inbound UDP 6677, Outbound UDP 6060, Outbound TCP 135 & 445 (if using Workstation Polling Method WMI or Registry Read Access), Outbound ICMP (if using Logoff Detection Ping), Inbound/Outbound UDP 50001 (collector test), Inbound/Outbound TCP 27015 (config sync).
    • Workstation(s): Inbound TCP 135 & 445 (if using Workstation Polling Method WMI or Registry Read Access), Inbound ICMP (if using Logoff Detection Ping).

    Note: RPC, RPC locator, DCOM and WMI services should be enabled on workstations for WMI/Registry Read Access.
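
The AD server port list quoted in the reply above, written as Windows Firewall rules. This is an added example, not part of the thread or of Sophos's documentation. The three addresses are placeholders, and both the pairing of each port with a peer and the inbound = local port / outbound = remote port reading are assumptions to check against your own deployment.

```powershell
# Added example: Windows Firewall rules for the AD server running STAS.
# Run from an elevated PowerShell session on that server.
# Placeholder addresses (assumptions, not from the thread):
$SophosFirewall = '192.0.2.1'        # firewall appliance
$StasPeers      = '192.0.2.10'       # other STAS servers (config sync / collector test)
$Workstations   = '198.51.100.0/24'  # workstation subnet that is polled

# Ports and directions are taken from the KBA excerpt quoted in the reply.
# The Peer column is an assumed scoping so the rules are not open to any address.
$rules = @(
    @{ Name = 'UDP 6677 in';                   Dir = 'Inbound';  Proto = 'UDP'; Port = 6677;       Peer = $SophosFirewall }
    @{ Name = 'UDP 6060 out';                  Dir = 'Outbound'; Proto = 'UDP'; Port = 6060;       Peer = $SophosFirewall }
    @{ Name = 'TCP 135,445 out (WMI/registry)'; Dir = 'Outbound'; Proto = 'TCP'; Port = @(135, 445); Peer = $Workstations }
    @{ Name = 'UDP 50001 in (collector test)';  Dir = 'Inbound';  Proto = 'UDP'; Port = 50001;      Peer = $StasPeers }
    @{ Name = 'UDP 50001 out (collector test)'; Dir = 'Outbound'; Proto = 'UDP'; Port = 50001;      Peer = $StasPeers }
    @{ Name = 'TCP 27015 in (config sync)';     Dir = 'Inbound';  Proto = 'TCP'; Port = 27015;      Peer = $StasPeers }
    @{ Name = 'TCP 27015 out (config sync)';    Dir = 'Outbound'; Proto = 'TCP'; Port = 27015;      Peer = $StasPeers }
)

# Start clean so re-running the script does not leave duplicate rules.
Remove-NetFirewallRule -Group 'STAS' -ErrorAction SilentlyContinue

foreach ($r in $rules) {
    $params = @{
        DisplayName   = "STAS - $($r.Name)"
        Group         = 'STAS'
        Direction     = $r.Dir
        Protocol      = $r.Proto
        RemoteAddress = $r.Peer
        Profile       = 'Domain'   # assumption: the server uses the Domain profile
        Action        = 'Allow'
    }
    # Inbound rules match the listening port; outbound rules match the destination port.
    if ($r.Dir -eq 'Inbound') { $params.LocalPort = $r.Port } else { $params.RemotePort = $r.Port }
    New-NetFirewallRule @params | Out-Null
}

# Outbound ICMP echo request, needed only if Logoff Detection Ping is used.
New-NetFirewallRule -DisplayName 'STAS - ICMP echo out (logoff detection)' -Group 'STAS' `
    -Direction Outbound -Protocol ICMPv4 -IcmpType 8 -RemoteAddress $Workstations `
    -Profile Domain -Action Allow | Out-Null

# Review what was created.
Get-NetFirewallRule -Group 'STAS' | Format-Table DisplayName, Direction, Enabled
```

Windows Firewall allows outbound traffic by default, so the outbound rules only take effect on servers where outbound blocking has been turned on.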
