The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
This article explains the firewall exceptions for the Sophos Remote Management System (RMS) TCP ports - including direction.
Applies to the following Sophos product and version Sophos Anti-Virus for Windows 2000+Enterprise ConsoleSophos Control CenterSophos Enterprise Manager
See diagram below for clarification. Note: TCP port 8193 is not used for communication but you will see RMS listening on the port.
Click image to zoom in.
Port 8192 (TCP) is used to provide the connecting client (message router) with information on how to find connect to the SSL port for future communication.
Port 8192 (TCP) hosts an Interoperable Object Reference (IOR), which encodes within it the port and address for the client to connect back to. By default this is the IP address of the parent message router and port 8194 (TCP).
Port 8193 (TCP) although in a listening state is not used for communication and can therefore be safely fire-walled.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.