Ports scanned or used by Lansweeper

Below is an overview of the ports used by Lansweeper for scanning client machines and for internal communication between Lansweeper components.

  • Lansweeper web console access
    HTTP port specified in the Lansweeper installer
    HTTPS port specified in the Lansweeper installer, when the default web server (IIS Express) is used. When using the alternate IIS web server, an HTTPS port must be configured directly in IIS Manager.
  • Lansweeper service and web console to SQL Server database
    Port: 1433/TCP and possibly other SQL Server related ports
    Which ports must be opened on the machine hosting your SQL Server instance depends on how your instance is configured. Port 1433 is a common port used for SQL Server traffic, but additional ports may need to be opened as well. Please review this Microsoft knowledge base article for detailed information on how to allow SQL Server traffic through a firewall.
  • Lansweeper service to Active Directory domain controllers
    Port: 389/TCP (LDAP)
  • Lansweeper service to scanned Windows computers
    Port: 135/TCP (DCOM to establish the initial WMI session with the computer)
    Port: 139/TCP (NetBIOS Session Service)
    Port: 445/TCP (SMB)
    Random ports in the 1025-5000 or 49152-65535 range (to send the WMI data)
    Lansweeper pulls Windows computer data from WMI (Windows Management Instrumentation), a management infrastructure built into Windows operating systems. By default, Windows sends WMI data over random ports. You need to either:
    • Configure your firewalls in such a way that *all* WMI traffic (over random ports) is allowed. Windows Firewall includes an exception that you can enable to allow WMI traffic, as explained in this knowledge base article. For third-party firewalls, you'll need to consult your firewall documentation.
    Configure a fixed WMI port and allow traffic through that port. Setting up a fixed port is supported by all recent Windows operating systems starting from Windows Vista.
    • If you are unable to allow WMI traffic through your firewalls, scan your computers locally with the LsAgent or LsPush scanning agent instead. This does not require firewall reconfiguration.
  • Lansweeper service to scanned Linux, Unix and Mac computers
    Port: 22/TCP (SSH) or a custom SSH port of your choice
  • Lansweeper service to scanned VMware servers
    Port: 443/TCP (HTTPS)
  • Lansweeper service to scanned network devices
    ICMP Ping
    Port: 21/TCP (FTP)
    Port: 22/TCP (SSH) or a custom SSH port of your choice
    Port: 23/TCP (Telnet)
    Port: 25/TCP (SMTP)
    Port: 80/TCP (HTTP)
    Port: 135/TCP (EPMAP)
    Port: 137/UDP (NetBIOS Name Service)
    Port: 139/TCP (NetBIOS Session Service)
    Port: 161 (SNMP)
    Port: 443/TCP (HTTPS)
    Port: 445/TCP (SMB)
    Port: 1900/TCP (SSDP, UPnP)
    Port: 1900/UDP (SSDP, UPnP)
    Port: 5060 (SIP) or a custom SIP port of your choice
    Port: 5353/TCP (mDNS, DNS-SD)
    Port: 5353/UDP (mDNS, Bonjour, DNS-SD)
    Port: 8008/TCP (Chromecast)
    Port: 8080/TCP (HTTP)
    Port: 8443/TCP (HTTPS)
    Port: 9100/TCP (JetDirect)
    Port: 16992/TCP (Intel vPro HTTP)
    Port: 16993/TCP (Intel vPro HTTPS)
    Port: 62078/TCP (iTunes sync port for iOS device identification)
  • Scanned computers to Lansweeper service, if the LsAgent or LsPush scanning agent is used for scanning, with a direct server connection
    Port: 9524/TCP or a custom port of your choice
    This port must be open in the firewall of the Lansweeper scanning server, i.e. the server hosting the Lansweeper Server service. You can choose a custom port in the Service Options section of the following Lansweeper web console menu: Configuration\Server Options

Related Articles