The following ports are used by Prinergy, and need to be open for Prinergy to work:
Port | Protocol | Process |
---|---|---|
80 | TCP | IIS Server, Setup, Track, *Automatic License Renewal |
443* | TCP | HTTPS (*required for automatic license renewal functionality) |
445 | TCP | SMB |
548 | TCP | AFP (only required if clients use AFP to mount job volumes) |
1521, 2481 | TCP | Oracle |
49100 - 49102 | TCP | Orbacus connection for daemons. 49101 must be accessible from Workshop clients. |
49108, 58888 | TCP | Link |
37001, 49998 | TCP | DiagView daemon, DiagView server |
50010 | UDP | Floating License Manager |
56765 | TCP | Floating License Manager |
37100, 37101 | TCP | Dashboard components |
61233, 61234, 61235, 18804 | TCP | RBA components |
18005, 18080 | TCP | Prinergy Layout Automation |
37102, 37150 - 37250, 61237 | TCP | Digital Print |
52001 | TCP | Prinergy access to ColorFlow Server |
49105 | TCP | ColorFlow database access |
37002 | UDP | Locator daemon. Must be accessible from Workshop clients. |
32000-32003, 31000-31003, 52002, 8082-8085, 8091 | TCP | Help system. Must be accessible from Workshop clients. |
49152-65535 | TCP | Ports are dynamically allocated in this range to Prinergy daemons and connected to from Workshop clients. The entire range must be accessible from the Workshop clients in order for Workshop to function correctly. |
Note: AFP port information is given for informational purposes and legacy configurations only. AFP is not qualified with Prinergy Workflow 8.0 or later.
Note: For ports required for Kodak Proofing Software, please refer to KPS Ports required page.
The Built-in Windows Firewall is supported
If you require the Windows Firewall to be enabled on your Prinergy system, please open a call with your regional support offices. When opening the call please reference Kodak internal Article ID 75521.
Information about the firewall requirements of Kodak Proofing Software (KPS), InSite Prepress Portal, InSite Creative Workflow, and other Kodak portal products can be obtained by contacting your regional support offices.
Additional Firewall considerations
If there is a firewall between the Prinergy servers and the Workshop clients, it is critical that the firewall does not close idle connections after some arbitrary time period. If it does, this could result in lags or stalls in Workshop when it is forced to re-establish its connections to the server. Instead, the firewall should be configured to only close the connection if it is determined to be dead by probing to the end hosts to determine the validity of the connection. This feature is known as 'Dead Connection Detection' on Cisco firewalls. If such a feature does not exist on your chosen firewall then the idle timeout should be set to a period equal to a typical production shift and operators should be warned that Workshop may stall for up to a couple of minutes when they return to it if it has been left running but idle for a longer period.
Local-Link IPv4
Subnet IP range 169.254.x.x is reserved within the IPv4 specification for Local-Link self-assigned IP addresses and is not operationally compatible with Prinergy Workflow server software.
See IETF.org article rtfc3927 - https://tools.ietf.org/html/rfc3927