Skip to main content
Kofax

Ports used by ShareScan 5.4, 5.2 and 5.1

Information:

This article lists the required ports that are used with ShareScan v5 when communicating between a PC running ShareScan Manager and the multifunction devices.

Note: Internal traffic between the Manager and the multifunction device is minimal.

Attached to this Answer is a Windows Firewall File (.WFW) that includes the firewall exceptions for ShareScan 5.4.x. The attachment can be found at the bottom of the article.

 

Protocol

Port

Inbound

Outbound

Internal

5.1

5.2

5.4

Canon MEAP

Canon ScanFront

Ricoh

Xerox (embedded, TWAIN)

Fuji Xerox

Konica Minolta

HP

HP S900

Description

Echo

7

 

x

 

x

x

x

 

 

 

 

 

 

x

  Used in case of HP devices

ICMP

 

 

x

 

x

x

x

x

x

x

x

x

x

x

x

Used in case of all types of clients to check if the device is available via network

TCP

80

 

x

 

x

x

x

 

x

 

 

 

      Used to connect to Canon ScanFront devices, when non-HTTPS mode is set up

TCP

135

x

x

 

x

x

x

x

x

x

x

x

x x x Windows File Share, may need to be opened for image transfer

TCP

443

 

x

 

x

x

x

 

x

 

 

x

 

 

x

Used to connect to Web Services on the devices, when HTTPS mode is set up

TCP

443

x

 

 

x

x

x

 

x

 

x

x

x

x

x

Main secure communication channel for web based devices (when HTTPS is enabled)

TCP

1024-65535

x

 

 

x

x

x

 

 

 

x

 

      Used by Xerox EIP client for FTP - arbitrary FTP port (both Xerox Embedded and Xerox ScanStation with eCopy TWAIN driver)

TCP

1433

 

x

 

x

x

x

x

x

x

x

x

x

x

x

SQL Server standard port, used in case of remote SQL Server (if the standard port is configured on SQL Server)

TCP

2121

x

 

 

x

x

x

 

 

 

x

        Used by Xerox EIP client for FTP (both Xerox Embedded and Xerox ScanStation with eCopy TWAIN driver)

TCP

7627

 

x

 

x

x

x

 

 

 

 

 

 

x

 

Used to invoke web services on the HP devices

TCP

8002

 

 

x

 

x

x

x

x

x

x

x

x

x

x

ShareScan Watcher service communicates with the Agent Service via this internal port

TCP

8003

 

 

x

 

x

x

x

x

x

x

x

x

x

x

ShareScan Manager communicates with the Watcher Service via this internal port

TCP

8005

 

 

x

x

x

x

x

x

x

x

x

x

x

x

Used by Tomcat for service management purposes

TCP

8009

 

 

x

x

x

x

x

x

x

x

x

x

x

x

Used by Tomcat AJP Connector (not in active use in ShareScan installation)

TCP

8080

x

 

 

x

x

x

 

x

 

x

x

x

x

x

Main  communication channel for web based devices (when HTTPS is disabled)

TCP

8080

 

 

x

x

x

x

 

 

 

 

 

 

 

 

Communication port for web-based Simulator. When no web devices are used, the port is not needed to be opened for the outside

TCP

8080

 

x

 

x

x

x

 

 

 

 

x

 

 

x

Used to connect to Web Services on the devices, when HTTPS not used

TCP

8081

x

x

 

x

x

x

x

x

x

x

x

x

x

x

Proxy port for HTTP requests of the Web Simulator, when using the Simulator on a server managed remotely (via the Remote Mnagement feature)

For eCopy Scanfront 300 (8081 TCP port need to be opened between ShareScan server and ScanFront device)

TCP

8800

x

 

 

 

x

x

x

x

x

x

x

x

x

x

HTTP port for the Job Monitor Web UI (not necessary if Job Monitor is not enabled)

TCP

8802

 

 

x

 

x

x

x

x

x

x

x

x

x

x

ShareScan Job Monitor Host service communicates to the Agent service via this internal port  

TCP

8802

 

 

x

 

x

x

x

x

x

x

x

x

x

x

ShareScan Job Monitor Host service communicates to the Agent service via this internal port  

TCP

8802

 

 

x

 

x

x

x

x

x

x

x

x

x

x

ShareScan Job Monitor Host service communicates to the Agent service via this internal port

TCP

8843

x

 

 

 

x

x

x

x

x

x

x

x

x

x

Secure counterpart of port 8800

TCP

9030

 

x

 

x

x

x

x

 

x

 

 

 

 

 

Used by the ShareScan Manager to send messages to the clients. In case of Ricoh and Canon MEAP, these are sent directly to the device

TCP

9030

 

 

x

x

x

x

 

x

 

x

x

x

x

x

In case of web-based devices control messages are sent to the Tomcat Web server on the same machine 

TCP

9031

 

 

x

x

x

x

x

 

x

x

 

x

 

 

ScanStation only: control messages are sent to the ScanStation client from the ShareSCan Manager on the same machine 

TCP

9031

 

x

 

x*

 

 

 

 

 

 

 

 

 

 

Used by the ShareScan Manager to send messages to the MEAP Client. *Used only in case of VISA 5.1 custom build

TCP

9325

x

 

 

x

x

x

x

x

x

x

x

x

x

x

Input port for Cost Recovery Protocol based integration

TCP

9425

x

 

 

x

x

x

x

x

x

x

x

x

x

x

Input port for ID Services based integration (NTWare / Uniflow)

TCP

9599

x

 

 

 

x

x

x

x

x

x

x

x

x

x

Port used for test purposes, by the Troubleshooter tool. Not required in production systems

TCP

9600

x

 

 

x

x

x

x

 

x

 

 

 

 

 

Main ShareScan Manager communication port. Used by the ShareScan embedded clients to send requests to the ShareScan Manager service

TCP

9600

 

 

x

x

x

x

 

x

 

x

x

x

x

x

In case of web-based  devices requests are sent by the Tomcat Web server to the ShareSCan Manager Service on the same machine 

TCP

9601

x

 

x

x

x

x

x

x

x

x

x

x

x

x

Communication port used by the Agent Service (Administration Console and Agents on other machines are connecting to this)

TCP

9602

 

 

x

x

x

x

x

x

x

x

x

x

x

x

Tracing port, used by the Nuance Imaging Framework (NIF) Tracing Service

TCP

9605

x

 

 

x*

 

 

x

 

 

 

 

 

 

 

Secure registration callback port. *Used in the VISA 5.1 custom build

TCP

9610

x

 

 

 

 

x

x

 

x

 

 

 

 

 

Image upload port, only in v5.4 and above for embedded clients

 TCP

 9611

 x

 

 

 

 

 x

x

 

 x

 

        Secure image upload port, only in 5.4 SP2 and above for embedded clients.

TCP

9621

x

 

 

x*

 

 

x

 

 

 

 

 

 

 

Secure counterpart of port 9600. *Used only in the VISA 5.1 custom build

TCP

9650

x

x

 

 

x

x

x

x

x

x

x

x

x

x

Used in multi manager / HA setups, for Manager to Manager communication

TCP

9700

x

 

 

 

x

x

x

x

x

x

x

x

x

x

Management port, when Capture Server Monitor is used to test this ShareScan server

TCP

9900

 

 

x

 

x

x

 

x

 

x

x

x

x

x

Web Client (Tomcat) HTTP requests to Agent for web device configuration information

TCP

9901-

 

 

x

x

x

x

x

x

x

x

x

x

x

x

Used by Business Automation document service, co communicate with service processes. When a new (concurrent)  instance is created, the port number is increased with 1

TCP

19150

 

 

x

x

x

 

x

x

x

x

x

x

x

x

FPE / Form Processing Service

TCP

50001

 

x

 

x

x

x

 

 

 

 

 

x

 

 

Web Service port on KM devices

TCP

50002

x

 

 

x

x

x

 

 

 

 

 

x

 

 

Port used by KM devices on Tomcat service

TCP

50003

 

x

 

x

x

x

 

 

 

 

 

x

 

 

Web Service port on KM devices

UDP

135

x

x

 

x

x

x

x

x

x

x

x

x

x

x

Messenger service, may need to be opened for image transfer

UDP

161

 

x

 

x

x

x

x

x

x

x

x

x

x

x

Standard port of SNMP protocol (used by device discovery and for Xerox scanning).

UDP

8125

x

x

 

x

x

x

x

x

x

x

x

x

x

x

Used by the ShareScan Manager to send the status messages that are displayed in the Administration Console and Activity Monitor

UDP

8899

 

x

 

x

x

x

x

 

x

 

 

 

 

 

Used by ShareScan device discovery

UDP

9650

x

x

 

 

x

x

x

x

x

x

x

x

x

x

Port for ShareScan managers to communicate about output creator processes. Also a maintenance service port for ShareScan managers in multi-manager setups

UDP

9655

x

x

 

 

 

x

x

x

x

x

x

x

x

x

Management port between ShareScanManager and ShareScanAgent services

UDP

9988

x

 

 

x

x

x

x

 

x

 

 

 

 

 

Used by ShareScan device discovery

 

 

Notes:

  • Ping is required between the server and device.  ShareScan requires ICMP, specifically PING, to establish connection between the ShareScan Manager and MFPs.  MFPs may appear to be Offline if ICMP traffic is blocked. See KB 16452.
  • If any of these ports are used by other applications, ShareScan displays a warning message indicating what ports are in use. Even though the install will go through, the administration should make the appropriate changes to ensure that ShareScan works properly.
  • While ShareScan supports multiple domains, a single domain is highly recommended for best performance.
  • While ShareScan supports multiple workgroups, a single workgroup is highly recommended for best performance.
  • The ShareScan Manager PC can be on different subnets or VLANs from the multifunction devices, provided that the multifunction devices can communicate with the Manager PC using an IP address. If multifunction devices span multiple subnets or VLANs, a router is required to pass packets back and forth. However, in these situations the UDP and the SNMP based device discovery mechanisms may not be functional.
  • ShareScan 5.0 does not support multiple network adapters in the ShareScan Manager PC.

 

Attachments:

ShareScan54Policy.wfw (184 KB)