# How to access OpManager on AWS using EC2 instance?

Running OpManager on AWS helps in ensuring world class network management for your device while eliminating the need for a physical server for monitoring.

You can use OpManager in AWS using one of the 2 methods:

- [By purchasing and running OpManager AMI from AWS store](https://www.manageengine.com/network-monitoring/help/installing-opmanager-aws.html#ami)
- [By installing OpManager in a separate EC2 instance](https://www.manageengine.com/network-monitoring/help/installing-opmanager-aws.html#ec2)

## By purchasing and running OpManager AMI from AWS store

Before you begin, please purchase OpManager AMI from [here](https://aws.amazon.com/marketplace/pp/prodview-s2uv6kcdkb5jc?sr=0-1&ref_=beagle&applicationId=AWSMPContessa).

- After the purchase of the AMI, you will be required to launch an EC2 instance from this AMI. For more information on how to do this, please check [this page](https://repost.aws/knowledge-center/launch-instance-custom-ami). While creating the instance, ensure that the following metrics meet the required criteria:

| Metric | Criteria |
|---|---|
| EC2 Instance Type | m4.xlarge or above |
| Operating System | Windows 10/8/7 (or) Windows Server 2008 and newer (Supported up to 2019) |
| Storage | 20 GB (minimum) |

- Once the instance is launched from the given AMI, you need to initiate an RDP session of the particular instance. To learn more about this action, please check [this page](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connect-rdp.html).
- Use the RDP session to log into the instance.
- After logging in to the instance, go to the **Services** app. To do this, type "**Services**" into the Windows search bar, and click on the Services app result.
- In the Services app, check whether the following service is running: **ManageEngine OpManager**.
- If ManageEngine OpManager service is in a running state, go to your browser and connect to OpManager's console using either of these two ports:

  **(a)** http://<ec2_instance_public_dns>:8060 (for http connection)  
  **(b)** https://<ec2_instance_public_dns>:8061 (for https connection)

- Log in to OpManager using the following credentials:

  **Username**: admin  
  **Password**: *--Instance ID--*

**Note:** When you access the OpManager using the public IP/DNS address, note that the "Public IP/DNS address" changes when the instance is stopped/terminated. As in a network, devices need to forward syslogs & traps to the OpManager server, the public IP has to be updated in the end devices every time it changes. Hence it is recommended to use an elastic IP address for seamless monitoring. For more details on Elastic IP address click [here](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html).

## By installing OpManager in a separate EC2 instance

### Pre-requisites

Before installing OpManager in AWS, ensure that you meet the following pre-requisites:

1. Say if you are planning to manage up to 250 devices using OpManager, we recommend you to have the following instance configurations:

   - EC2 instance type m4.xlarge or above
   - OS - Windows 10/8/7 or Windows server 2008 or above (up to 2019 supported)
   - 20 GB memory space (minimum)

   **Note:** The above specified are the minimum requirements. You may have to change the configurations according to the number of devices you are monitoring and additional integrations/modules (such as firewall, IP address management etc). To know more about creating instance click [here](http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/EC2_GetStarted.html).

2. Ensure that the instance's Public IP/DNS is not blocked by any firewall and is accessible to all devices in your network.
3. Ensure that the [required security ports](https://www.manageengine.com/network-monitoring/help/installing-opmanager-aws.html#securityports) are available for use.

### Steps to install and run amazon from EC2 instance

1. Remotely connect to your EC2 instance.
2. In that instance, open your web browser.
3. [Download](https://www.manageengine.com/network-monitoring/download.html) and install OpManager.
4. Login to OpManager using username as admin and password as admin.

### Important Note

Ensure that the following ports in your OpManager instance are not blocked for proper functioning of OpManager and its add-ons (this step is a must for running OpManager from AMI as well as for running OpManager from an EC2 instance):

| Port | Protocol | Port Type | Usage | Remarks |
|---|---|---|---|---|
| 13306 | TCP | Static (PostgreSQL) | Database Port | Can be changed in conf/database_params.conf file. |
| 1433 | TCP | Static (MS SQL) | Database Port | Can be changed in conf/database_params.conf file / dbconfiguration.bat file. |
| 22 | TCP | Static | SSH Port |  |
| 8060 | TCP | Static | Web Server Port | Can be configured using ChangeWebServerPort.bat. |
| 161 | UDP | Static | SNMP |  |
| 135 | TCP | Static | WMI |  |
| 445 | TCP | Static | WMI |  |
| 5000 to 6000 | TCP | Dynamic | WMI |  |
| 49152 to 65535 | TCP | Dynamic | WMI | Windows 2008R2 and higher |
| 2000 | TCP | Static | Internal Communication Port |  |
| 56328 | TCP | Dynamic | ShutDown Listener Port |  |
| 162 | UDP | Static | SNMP Trap Receiver Port |  |
| 514 | UDP | Static | SYSLOG Receiver Port | SYSLOG Receiver Port can be changed via WebClient |
| 69 | UDP | Static | TFTP Port [NCM] |  |
| 1514 | UDP | Static | Firewall Log Receiver [FWA] | Firewall Receiver Port can be changed via WebClient |
| 9996 | TCP |  | NetFlow Listener Port [NFA] | NetFlow Listener Port can be changed via WebClient |