Ports used by ShareScan 5.4, 5.2 and 5.1
Information:
This article lists the required ports that are used with ShareScan v5 when communicating between a PC running ShareScan Manager and the multifunction devices.
Note: Internal traffic between the Manager and the multifunction device is minimal.
Attached to this Answer is a Windows Firewall File (.WFW) that includes the firewall exceptions for ShareScan 5.4.x. The attachment can be found at the bottom of the article.
| Protocol | Port | Inbound | Outbound | Internal | 5.1 | 5.2 | 5.4 | Canon MEAP | Canon ScanFront | Ricoh | Xerox (embedded, TWAIN) | Fuji Xerox | Konica Minolta | HP | HP S900 | Description |
| Echo | 7 | x | x | x | x | x | Used in case of HP devices | |||||||||
| ICMP | x | x | x | x | x | x | x | x | x | x | x | x | Used in case of all types of clients to check if the device is available via network | |||
| TCP | 80 | x | x | x | x | x | Used to connect to Canon ScanFront devices, when non-HTTPS mode is set up | |||||||||
| TCP | 135 | x | x | x | x | x | x | x | x | x | x | x | x | x | Windows File Share, may need to be opened for image transfer | |
| TCP | 443 | x | x | x | x | x | x | x | Used to connect to Web Services on the devices, when HTTPS mode is set up | |||||||
| TCP | 443 | x | x | x | x | x | x | x | x | x | x | Main secure communication channel for web based devices (when HTTPS is enabled) | ||||
| TCP | 1024-65535 | x | x | x | x | x | Used by Xerox EIP client for FTP - arbitrary FTP port (both Xerox Embedded and Xerox ScanStation with eCopy TWAIN driver) | |||||||||
| TCP | 1433 | x | x | x | x | x | x | x | x | x | x | x | x | SQL Server standard port, used in case of remote SQL Server (if the standard port is configured on SQL Server) | ||
| TCP | 2121 | x | x | x | x | x | Used by Xerox EIP client for FTP (both Xerox Embedded and Xerox ScanStation with eCopy TWAIN driver) | |||||||||
| TCP | 7627 | x | x | x | x | x | Used to invoke web services on the HP devices | |||||||||
| TCP | 8002 | x | x | x | x | x | x | x | x | x | x | x | ShareScan Watcher service communicates with the Agent Service via this internal port | |||
| TCP | 8003 | x | x | x | x | x | x | x | x | x | x | x | ShareScan Manager communicates with the Watcher Service via this internal port | |||
| TCP | 8005 | x | x | x | x | x | x | x | x | x | x | x | x | Used by Tomcat for service management purposes | ||
| TCP | 8009 | x | x | x | x | x | x | x | x | x | x | x | x | Used by Tomcat AJP Connector (not in active use in ShareScan installation) | ||
| TCP | 8080 | x | x | x | x | x | x | x | x | x | x | Main communication channel for web based devices (when HTTPS is disabled) | ||||
| TCP | 8080 | x | x | x | x | Communication port for web-based Simulator. When no web devices are used, the port is not needed to be opened for the outside | ||||||||||
| TCP | 8080 | x | x | x | x | x | x | Used to connect to Web Services on the devices, when HTTPS not used | ||||||||
| TCP | 8081 | x | x | x | x | x | x | x | x | x | x | x | x | x | Proxy port for HTTP requests of the Web Simulator, when using the Simulator on a server managed remotely (via the Remote Mnagement feature) For eCopy Scanfront 300 (8081 TCP port need to be opened between ShareScan server and ScanFront device) |
|
| TCP | 8800 | x | x | x | x | x | x | x | x | x | x | x | HTTP port for the Job Monitor Web UI (not necessary if Job Monitor is not enabled) | |||
| TCP | 8802 | x | x | x | x | x | x | x | x | x | x | x | ShareScan Job Monitor Host service communicates to the Agent service via this internal port | |||
| TCP | 8802 | x | x | x | x | x | x | x | x | x | x | x | ShareScan Job Monitor Host service communicates to the Agent service via this internal port | |||
| TCP | 8802 | x | x | x | x | x | x | x | x | x | x | x | ShareScan Job Monitor Host service communicates to the Agent service via this internal port | |||
| TCP | 8843 | x | x | x | x | x | x | x | x | x | x | x | Secure counterpart of port 8800 | |||
| TCP | 9030 | x | x | x | x | x | x | Used by the ShareScan Manager to send messages to the clients. In case of Ricoh and Canon MEAP, these are sent directly to the device | ||||||||
| TCP | 9030 | x | x | x | x | x | x | x | x | x | x | In case of web-based devices control messages are sent to the Tomcat Web server on the same machine | ||||
| TCP | 9031 | x | x | x | x | x | x | x | x | ScanStation only: control messages are sent to the ScanStation client from the ShareSCan Manager on the same machine | ||||||
| TCP | 9031 | x | x* | Used by the ShareScan Manager to send messages to the MEAP Client. *Used only in case of VISA 5.1 custom build | ||||||||||||
| TCP | 9325 | x | x | x | x | x | x | x | x | x | x | x | x | Input port for Cost Recovery Protocol based integration | ||
| TCP | 9425 | x | x | x | x | x | x | x | x | x | x | x | x | Input port for ID Services based integration (NTWare / Uniflow) | ||
| TCP | 9599 | x | x | x | x | x | x | x | x | x | x | x | Port used for test purposes, by the Troubleshooter tool. Not required in production systems | |||
| TCP | 9600 | x | x | x | x | x | x | Main ShareScan Manager communication port. Used by the ShareScan embedded clients to send requests to the ShareScan Manager service | ||||||||
| TCP | 9600 | x | x | x | x | x | x | x | x | x | x | In case of web-based devices requests are sent by the Tomcat Web server to the ShareSCan Manager Service on the same machine | ||||
| TCP | 9601 | x | x | x | x | x | x | x | x | x | x | x | x | x | Communication port used by the Agent Service (Administration Console and Agents on other machines are connecting to this) | |
| TCP | 9602 | x | x | x | x | x | x | x | x | x | x | x | x | Tracing port, used by the Nuance Imaging Framework (NIF) Tracing Service | ||
| TCP | 9605 | x | x* | x | Secure registration callback port. *Used in the VISA 5.1 custom build | |||||||||||
| TCP | 9610 | x | x | x | x | Image upload port, only in v5.4 and above for embedded clients | ||||||||||
| TCP | 9611 | x | x | x | x | Secure image upload port, only in 5.4 SP2 and above for embedded clients. | ||||||||||
| TCP | 9621 | x | x* | x | Secure counterpart of port 9600. *Used only in the VISA 5.1 custom build | |||||||||||
| TCP | 9650 | x | x | x | x | x | x | x | x | x | x | x | x | Used in multi manager / HA setups, for Manager to Manager communication | ||
| TCP | 9700 | x | x | x | x | x | x | x | x | x | x | x | Management port, when Capture Server Monitor is used to test this ShareScan server | |||
| TCP | 9900 | x | x | x | x | x | x | x | x | x | Web Client (Tomcat) HTTP requests to Agent for web device configuration information | |||||
| TCP | 9901- | x | x | x | x | x | x | x | x | x | x | x | x | Used by Business Automation document service, co communicate with service processes. When a new (concurrent) instance is created, the port number is increased with 1 | ||
| TCP | 19150 | x | x | x | x | x | x | x | x | x | x | x | FPE / Form Processing Service | |||
| TCP | 50001 | x | x | x | x | x | Web Service port on KM devices | |||||||||
| TCP | 50002 | x | x | x | x | x | Port used by KM devices on Tomcat service | |||||||||
| TCP | 50003 | x | x | x | x | x | Web Service port on KM devices | |||||||||
| UDP | 135 | x | x | x | x | x | x | x | x | x | x | x | x | x | Messenger service, may need to be opened for image transfer | |
| UDP | 161 | x | x | x | x | x | x | x | x | x | x | x | x | Standard port of SNMP protocol (used by device discovery and for Xerox scanning). | ||
| UDP | 8125 | x | x | x | x | x | x | x | x | x | x | x | x | x | Used by the ShareScan Manager to send the status messages that are displayed in the Administration Console and Activity Monitor | |
| UDP | 8899 | x | x | x | x | x | x | Used by ShareScan device discovery | ||||||||
| UDP | 9650 | x | x | x | x | x | x | x | x | x | x | x | x | Port for ShareScan managers to communicate about output creator processes. Also a maintenance service port for ShareScan managers in multi-manager setups | ||
| UDP | 9655 | x | x | x | x | x | x | x | x | x | x | x | Management port between ShareScanManager and ShareScanAgent services | |||
| UDP | 9988 | x | x | x | x | x | x | Used by ShareScan device discovery |
Notes:
- Ping is required between the server and device. ShareScan requires ICMP, specifically PING, to establish connection between the ShareScan Manager and MFPs. MFPs may appear to be Offline if ICMP traffic is blocked. See KB 16452.
- If any of these ports are used by other applications, ShareScan displays a warning message indicating what ports are in use. Even though the install will go through, the administration should make the appropriate changes to ensure that ShareScan works properly.
- While ShareScan supports multiple domains, a single domain is highly recommended for best performance.
- While ShareScan supports multiple workgroups, a single workgroup is highly recommended for best performance.
- The ShareScan Manager PC can be on different subnets or VLANs from the multifunction devices, provided that the multifunction devices can communicate with the Manager PC using an IP address. If multifunction devices span multiple subnets or VLANs, a router is required to pass packets back and forth. However, in these situations the UDP and the SNMP based device discovery mechanisms may not be functional.
- ShareScan 5.0 does not support multiple network adapters in the ShareScan Manager PC.
Attachments:
ShareScan54Policy.wfw (184 KB)
ShareScan_5.x_Port_List.xlsx (17 KB)