Firewall Configuration
Refer to this section for a complete description of ports and protocols that should be configured in your system. Create firewall rules to allow access to the following resources:
Resource
Action1 servers (server.action1.com):
- 54.210.188.13
- 54.227.102.112
- 3.210.54.212
- 3.213.90.174
Action1 servers in North America (Remote Desktop):
- 34.192.9.15
- 34.203.184.16
- 52.200.246.160
- 52.205.66.134
- 44.194.92.198
Action1 servers in Europe (Remote Desktop):
- 3.10.103.241
- 3.9.108.222
- 18.169.144.48
- 18.170.18.228
- 18.135.32.225
Action1 servers in Middle East (Remote Desktop):
- 43.204.118.97
- 43.204.159.86
- 43.204.185.8
- 43.205.23.250
Action1 servers in East Asia (Remote Desktop):
- 13.215.147.78
- 13.215.188.158
- 54.255.13.83
- 54.169.182.56
Action1 servers in Australia (Remote Desktop):
- 13.211.73.202
- 13.236.50.64
- 54.79.127.148
- 54.79.23.166
Action1 servers in Africa (Remote Desktop):
- 13.245.186.152
- 13.245.81.159
- 13.244.155.212
- 13.244.175.69
Managed endpoints
(LAN only)
(LAN only)
a1-backend-packages.s3.amazonaws.com
*.windowsupdate.com
*.mp.microsoft.com
emdl.ws.microsoft.com
*.update.microsoft.com
Type
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Inbound
Outbound
Outbound
Outbound
Outbound
Outbound
Port & Protocol
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22543 TCP,
TLS 1.2 over TCP
TLS 1.2 over TCP
22551 TCP,
BT over TCP
BT over TCP
443 HTTPS
TCP, proprietary by Microsoft
HTTPS/TLS 1.2
HTTP
HTTPS/TLS 1.2
Required for
(Required) Connection to Action1 Cloud.
(Required - only for North America) Connection to Action1 Cloud. For your convenience, these servers are located in the North America operational region and ensure faster routing and processing of your requests.
(Required - only for Europe) Connection to Action1 Cloud. For your convenience, these servers are located in the Europe operational region and ensure faster routing and processing of your requests.
(Required - only for Middle East) Connection to Action1 Cloud. For your convenience, these servers are located in the Middle East operational region and ensure faster routing and processing of your requests.
(Required - only for East Asia) Connection to Action1 Cloud. For your convenience, these servers are located in the East Asia operational region and ensure faster routing and processing of your requests.
(Required - only for Australia) Connection to Action1 Cloud. For your convenience, these servers are located in the Australia operational region and ensure faster routing and processing of your requests.
(Required - only for Africa) Connection to Action1 Cloud. For your convenience, these servers are located in the Africa operational region and ensure faster routing and processing of your requests.
(Recommended) Exchanging pieces of downloaded apps (P2P file sharing) that helps minimize the external bandwidth usage. The port should be open locally on managed endpoints to allow connections between agents in the local network. If the inbound communication between agents on the local network is not allowed, the agents will not be exchanging downloaded app pieces locally and always download in full from the cloud.
Deploying apps and 3rd party patch management.
Windows Update management.
Windows Update management.
Windows Update management.
Windows Update management.
Components
Agents, Deployer
Agents, Deployer
Agents, Deployer
Agents, Deployer
Agents, Deployer
Agents, Deployer
Agents, Deployer
Agents
Agents
Agents
Agents
Agents
Agents
Note: * (asterisk sign) in DNS names means including all child subdomains, with multi-level nesting. For example, *.example.com would include example.com, child.example.com, grand.child.example.com, and all other possible subdomains.