Firewall Settings

This article describes what ports and IP addresses ManageEngine OS Deployer components use for remote operations


To let ManageEngine OS Deployer operate properly in the network, you need to open specific ports in Firewall settings.


Components of the listed ManageEngine OS Deployer use the following ports and IP addresses for remote operation:

  • UDP port: 9876
  • TCP port: 9876, if busy, choose at random
  • IPv4 multicast address:
  • IPv6 multicast address: FF05::fAA5:741E.
  • ManageEngine OS Deployer Management Console UDP port: 9877, if busy, choose at random

ManageEngine PXE Server uses the following ports and IP address:

  • UDP port: 67, 68, 69.
  • Broadcast address:

More information

Options for the Windows Firewall, included in Windows XP SP2, SP3, Windows 2003 Server, Windows Vista and Windows Server 2008 are set automatically during installation of ManageEngine OS Deployer components. However, make sure that the option File and Printer Sharing in Control Panel -> Windows Firewall -> Exceptions is enabled on the remote computer, before the remote installation starts. This option is only necessary for remote installation via ManageEngine OS Deployer Management Console.

FTP-server must allow passive mode for file transfers. It is recommended that you change the source computer Firewall settings to open ports 20 and 21 for both TCP and UDP protocols and disable the Routing and Remote Access Windows service.

See also Network Connections during Image Deployment.

Imaging and Deployment Software trusted by