Firewall Configuration
Refer to this section for a complete description of ports and protocols that should be configured in your system. Create firewall rules to allow access to the following resources:
Resource
Action1 servers (*.server.action1.com):
- 3.210.54.212
- 3.213.90.174
- 54.210.188.13
- 54.227.102.112
Managed endpoints
(LAN only)
(LAN only)
a1-backend-packages.s3.amazonaws.com
tracker.amazonaws.com
*.windowsupdate.com
*.mp.microsoft.com
emdl.ws.microsoft.com
*.update.microsoft.com
Type
Outbound
Inbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Port & Protocol
22543 TCP,
TLS 1.2 over TCP
(TLS 1.3 in 2022)
TLS 1.2 over TCP
(TLS 1.3 in 2022)
22551 TCP,
BT over TCP
BT over TCP
443 HTTPS
6969 HTTP
(deprecated in October 2021)
(deprecated in October 2021)
TCP, proprietary by Microsoft
HTTPS/TLS 1.2
HTTP
HTTPS/TLS 1.2
Required for
Connection to Action1 Cloud.
(Recommended) Exchanging pieces of downloaded apps (P2P file sharing) that helps minimize the external bandwidth usage. The port should be open locally on managed endpoints to allow connections between agents in the local network. If the inbound communication between agents on the local network is not allowed, the agents will not be exchanging downloaded app pieces locally and always download in full from the cloud.
Deploying apps and 3rd party patch management.
Deploying apps and 3rd party patch management.
Windows Update management.
Windows Update management.
Windows Update management.
Windows Update management.
Components
Agents, Connector
Agents
Agents
Agents
Agents
Agents
Agents
Agents
Note: * (asterisk sign) in DNS names means including all child subdomains, with multi-level nesting. For example, *.example.com would include example.com, child.example.com, grand.child.example.com, and all other possible subdomains.
