Getting Started

Endpoints

Patch Management

Vulnerability Management

Software Deployment & IT Assets

Automation & Remote Desktop

Real-Time Reports & Alerts

Account Access & Management

SSO Authentication

Security Concerns

Need Help?

Action1 5 Documentation 5 Firewall Configuration 5 Region: Europe

Region: Europe

Managed endpoints connections

NOTE: The Action1 agents now communicate with Action1 servers primarily over port 443, which is open by default in most enterprise environments. The agent first attempts to connect via port 443, and if that connection fails, it automatically falls back to port 22543.

Resource

Action1 servers (server.eu.action1.com):
  • 18.159.245.29
  • 18.195.232.183
  • 3.69.247.61
  • 52.29.164.59
Managed endpoints
(LAN only)

Type

Outbound
Inbound

Port & Protocol

443 or 22543,
TLS 1.2 or TLS 1.3 over TCP
22551 TCP/UDP,
6771 UDP

Required for

Connection to Action1 Cloud
P2P file sharing

Components

Action1 agents
Action1 agents

Details

- The port should be open locally on managed endpoints to allow connections between agents in the local network.
- Make sure the Windows Firewall Policy: Prohibit unicast response to multicast or broadcast requests is set to Not Configured (default setting) or No.

NOTE: If the inbound communication between agents on the local network is not allowed, the agents will not be exchanging downloaded app pieces locally and will always download in full from the cloud.

Connection to Action1 Remote Desktop facilities

NOTE: The Action1 agents now communicate with Action1 Remote Desktop relay servers primarily over port 443, which is open by default in most enterprise environments. The agent first attempts to connect via port 443, and if that connection fails, it automatically falls back to port 22543.

Resource

Action1 Remote Desktop relay servers in Europe:
  • 18.185.175.163
  • 3.71.193.26
  • 3.74.109.234
  • 35.159.135.52
Action1 Remote Desktop Console for Europe:
  • remote.eu.action1.com

Type

Outbound
Outbound

Port & Protocol

22543 TCP,
TLS 1.2 over TCP
443 HTTPS

Required for

Europe only: Connection to Action1 Remote Desktop relay servers.
Europe only: Connection to Action1 Remote Desktop Console.

Components

Action1 agents
Action1 Console (web browser)

Details

These servers are located in Europe to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in Europe to ensure a smooth Remote Desktop experience for the users located in this region.

For Windows Update management

Resource

*.windowsupdate.com
*.mp.microsoft.com
emdl.ws.microsoft.com
  • tsfe.trafficshaping.dsp.mp.microsoft.com
  • download.windowsupdate.com
  • dl.delivery.mp.microsoft.com
  • download.windowsupdate.com
  • windowsupdate.microsoft.com
  • *.windowsupdate.microsoft.com
  • *.update.microsoft.com
  • update.microsoft.com
  • download.microsoft.com
  • ntservicepack.microsoft.com
  • login.live.com

Type

Outbound
Outbound
Outbound
Outbound

Port & Protocol

TCP, proprietary by Microsoft
HTTPS/TLS 1.2
HTTP
HTTPS/TLS 1.2

Components

Action1 agents
Action1 agents
Action1 agents
Action1 agents

Application deployment and 3rd party patch management

Resource

a1-backend-packages-434810787744-eu-central-1.s3.amazonaws.com
  • eu-cdn.action1.com
  • eu-cdn-action1-com.b-cdn.net

Type

Outbound
Outbound

Port & Protocol

443 HTTPS
443 HTTPS (no SSL inspection)

Components

Action1 agents
Action1 agents

Details

Make sure you turn off the SSL inspection. Otherwise, software package downloads may fail with some firewalls (such as Zscaler).

Connection between Action1 Deployer (optional component) and infrastructure

NOTE: Action1 Deployer now communicates with Action1 servers primarily over port 443, which is open by default in most enterprise environments. It first attempts to connect via port 443, and if that connection fails, it automatically falls back to port 22543.

Resource

Action1 servers (server.eu.action1.com):
18.159.245.29
18.195.232.183
3.69.247.61
52.29.164.59
Target endpoints
Domain controllers

Type

Outbound
Outbound
Outbound

Port & Protocol

443 or 22543, TCP
135 RPC TCP
139 SMB TCP
445 SMB TCP
Dynamic port range (randomly allocated TCP ports between 49152 - 65535)
389 LDAP TCP

Components

Action1 Deployer
Action1 Deployer
Action1 Deployer

NOTE: * (asterisk sign) in DNS names means including all child subdomains, with multi-level nesting. For example,  *.example.com would include example.com, child.example.com, grand.child.example.com, and all other possible subdomains.