At our libraries, we use Cisco Meraki devices to filter and manage Internet access for the patron computers. Currently, the Core Server and clients do not have direct communication with one another--the clients must be managed through the LDMG appliance. We are looking at what ports we must open in the Meraki to allow direct communications between the patron and staff LANs. Because of the work involved in adding the port exceptions, we are looking at enabling only the minimum set of ports required to support inventory scans, software distributions, and patch management and compliance. I reviewed the master list of all ports, and identified the following as the bare minimum we require. Could someone confirm I didn't miss anything?
Also, the Meraki does not allow us to add an exception to allow ICMP pings. Will this affect any features of LANDesk, aside from the ability of the LDMS to detect a client's status and to use multicast with push-based deliveries?
TCP 80: Bidirectional
TCP 135: Core Server to Agent
TCP 139/445: Agent to Core Server
TCP 443: Agent to Core Server
TCP 5007: Agent to Core Server
TCP 9535: Bidirectional
TCP 9593: Core Server to Agent
TCP 9594: Bidirectional
TCP 9595: Bidirectional
TCP 12174: Core Server to Agent
TCP 12175/12176: Agent to Core Server
UDP/TCP 33354: Bidirectional
UDP 33355: Core Server to Agent
UDP 38293: Bidirectional
Eric Moore
IT Technician
High Plains Library District
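
The port list in the post above, expanded into one-way allow rules, as an added example that is not part of the original post. It assumes each listed port is the destination port in the stated direction and that the firewall is stateful; CORE_SERVER and PATRON_STAFF_LAN are placeholder names for the real addresses or subnets.

```python
import re
from itertools import product

# Port list copied from the post above.
PORT_LIST = """\
TCP 80: Bidirectional
TCP 135: Core Server to Agent
TCP 139/445: Agent to Core Server
TCP 443: Agent to Core Server
TCP 5007: Agent to Core Server
TCP 9535: Bidirectional
TCP 9593: Core Server to Agent
TCP 9594: Bidirectional
TCP 9595: Bidirectional
TCP 12174: Core Server to Agent
TCP 12175/12176: Agent to Core Server
UDP/TCP 33354: Bidirectional
UDP 33355: Core Server to Agent
UDP 38293: Bidirectional
"""
# Assumed placeholder names; substitute the real host or subnet objects.
CORE, AGENT = "CORE_SERVER", "PATRON_STAFF_LAN"
LINE_RE = re.compile(r"^([A-Z/]+) ([\d/]+): (.+)$")
DIRECTIONS = {
    "Core Server to Agent": [(CORE, AGENT)],
    "Agent to Core Server": [(AGENT, CORE)],
    "Bidirectional": [(CORE, AGENT), (AGENT, CORE)],
}

def expand(text):
    """Return sorted, de-duplicated (src, dst, proto, dport) allow rules."""
    rules = set()
    for n, line in enumerate(text.strip().splitlines(), 1):
        m = LINE_RE.match(line.strip())
        if not m or m.group(3) not in DIRECTIONS:
            raise ValueError(f"line {n}: cannot parse {line!r}")
        protos = m.group(1).lower().split("/")
        ports = [int(p) for p in m.group(2).split("/")]
        if set(protos) - {"tcp", "udp"} or not all(0 < p < 65536 for p in ports):
            raise ValueError(f"line {n}: bad protocol or port in {line!r}")
        # One rule per direction, protocol and port; nothing wider is opened.
        for (src, dst), proto, port in product(DIRECTIONS[m.group(3)], protos, ports):
            rules.add((src, dst, proto, port))
    return sorted(rules)

if __name__ == "__main__":
    for src, dst, proto, port in expand(PORT_LIST):
        print(f"allow {proto:<3} {src:>16} -> {dst:<16} dport {port}")
```

The 14 lines of the list expand to 24 one-way rules, which gives a count to compare against what is actually entered in the firewall.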