Which network ports does the KACE K1000 appliance require? In the event that you are placing your KACE K1000 appliance behind firewalls, you may need to configure them to either whitelist the K1000 traffic, or at the very minimum review the following list and make sure that required ports are opened:
| Port Number |
Purpose |
Configurable At... |
Optional / Required |
Direction |
Protocol |
| 80 |
user portal, admin portal, client check-in |
Security Settings |
Must be 80 and/or 443 |
--> into K1000 |
HTTP |
| 443 |
SSL option for user portal, admin portal, client check-in |
Security Settings |
Must be 80 and/or 443 |
--> into K1000 |
HTTPS |
| 8080 |
To View Reports |
N/A |
Required for Reports |
--> into K1000 |
HTTP |
| 8443 |
To View Reports over SSL |
N/A |
Required for Reports |
--> into K1000 |
HTTPS |
| 22 |
KACE support engineers access to K1000 via SSH |
Security Settings |
Optional |
--> into K1000 |
SSH |
| 3306 |
Access to MySQL Database |
Security Settings |
Optional |
--> into K1000 |
TCP |
| 52230* |
AMP persistent client connection |
Agent Messaging Protocol Settings |
Required |
--> into K1000 |
TCP |
| 139/445 |
Access to Samba Shares |
Security Settings |
Required for Provisioning |
--> into K1000 |
SMB |
| 21 |
Access to K1000 backup files via FTP |
N/A |
Optional but recommended |
--> into K1000 |
FTP |
| 161 |
SNMP Monitoring |
Security Settings |
Optional |
-->into K1000 |
UDP |
| 25 |
K1000 send mail out |
Not configurable, but can relay through your own SMTP server on Network settings page |
Optional |
<-- out of K1000 |
SMTP |
| 23 |
ftp traffic to K1000 |
N/A |
Optional |
<-- out of K1000 |
FTP |
| 139/445 |
client provisioning |
N/A |
Required on PC for Provisioning |
<-- out of K1000 |
SMB |
| 80/443 |
datacenter communication to KACE, download of patches (e.g. https://service.kace.com) |
N/A |
required for patching and DELL updates |
<-- out of K1000 |
HTTP |
| 22 |
Enable K1000 Tether |
Tether can be turned on under support tab\Troubleshooting Tools, but port is not changeable |
Optional |
<-- out of K1000 |
SSH |
| 389 |
LDAP |
Settings\User Authentication OR Helpdesk\Users->Import Users OR Reporting\Filters->LDAP Filters |
Optional |
<-- out of K1000 |
LDAP |
| 636 |
LDAPS |
Settings\User Authentication OR Helpdesk\Users->Import Users OR Reporting\Filters->LDAP Filters |
Optional |
<-- out of K1000 |
LDAP |
*prior to 4.1 this port was optional. Prior to 4.0 this was from the K1000 to the client
Patch Download Exceptions
Below are the following URLs used to update patch listings, K1000 software updates, OVAL, SCAP, Dell warranty,and Dell updates. Please whitelist these in your firewall for both 80 and 443:
https://service.kace.com
http://download.windowsupdate.com
http://kace.cdn.lumension.com
http://servicecdn.kace.com
https://api.dell.com
http://api.support.dell.com
http://go.microsoft.com
http://www.kace.com
http://www.appdeploy.com
http://support.kace.com
http://ftp.dell.com
http://cache.patchlinksecure.net
http://cache.lumension.com