When using Sophos Remote Management System (RMS) with firewalls, use the information in this article to learn about the ports or programs which need access to the network. The requirements are different for workstations and for the Sophos Anti-Virus management server.
Applies to the following Sophos product(s) and version(s) Sophos Endpoint Security and ControlSophos Anti-Virus for Windows 2000+Enterprise ConsoleSophos Control Center
Note: All listed ports are TCP.
If your firewall allows you to grant access to particular programs (for example, the Windows XP firewall in Service Pack 2), these are the programs concerned
Note: The .exe file extension may not be visible.
If your firewall does not allow you to grant access to individual programs, you should open the following ports in your firewall:
You may find it useful to open port 8192 temporarily for testing purposes.
The three ports mentioned above also need to be available to service local connections by the Sophos Agent service. Sometimes, e.g. when connecting to the network using VPN software, a local firewall may prevent the local Sophos Agent service from accessing ports 8192 and 8194 on the local Sophos message router. The computer's status may then be reported incorrectly to the console. In those circumstances you might need to open ports 8192 and 8194 for local connections.
You will need to open the following ports in any firewall on the server you use as the Sophos Anti-Virus management server:
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.