Printix Administrator Manual

1.8.5. Network ports

Network ports and protocols

Secure communication
All Printix communication inside and outside the network is secured with encryption and the use of HTTPS (SSL/TLS). Documents are stored encrypted until they expire and get deleted. Documents do not need to leave your network.

  • HTTPS on TCP port 443
    Secure browser communication between the components and Identity Providers, such as Microsoft (Azure AD), Google (G Suite) and others.

These ports must be open within the network:

  • SNMP on UDP port 161
    Access and collect information from printers via SNMP v1. Please inform us if you require SNMP v3 or use a Community name, which is different from: “public”. ICMP message requests and replies must be allowed on the local network, as the ping command is used to discover printers.
  • RAW print on TCP port 9100
    Transfer print data to the printers. The computer with Printix Client must be able to reach the printer on the network to allow printing. Print data can also be sent via LPR and TCP port 515. Use of other port numbers is also supported.
  • TCP port 21335
    Forward print data to another computer running Printix Client. Encrypted.
  • TCP port 21336
    Secure communication to Printix Redirector on a Windows Server.
  • UDP port 21337
    Printix Discovery Protocol used to find computers running Printix Client. Not encrypted.

If Active Directory authentication is enabled one of these ports must also be open within the network:

  • Secure LDAPS on TCP 636
    Authentication of users via secure LDAPS.
  • LDAP on TCP port 389
    Authentication of users via LDAP.

Printix Client requires two ports to be open on the local computer:

  • TCP port 21338 and 21339
    Secure local communication.

Windows Printix Client automatically configures the required ports in the local Windows Firewall. It does so by running the provided file: open_firewall.cmd

Web proxy and SSL inspection

Use of a web proxy and/or SSL inspection may for example prevent Sign in to Printix Client. You MUST add the printix.net domain and subdomains as exceptions so traffic is not blocked.

The syntax for adding exceptions varies depending on the software you use. Please refer to you security software documentation to determine the syntax for specifying a domain and subdomains. These are some common examples of wildcard syntax:

  • *.printix.net
  • .printix.net

The specific URLs that must be unblocked:

Required

  • https://assets.printix.net
  • https://api.printix.net
  • https://auth.printix.net
  • https://sign-in.printix.net
  • https://websocket.proxyendpoint.printix.net
  • https://printix.s3-eu-west-1.amazonaws.com/tenants/*
    • Printix Client automatic software update.
  • https://s3-eu-west-1.amazonaws.com/printer-drivers/*
    • Print drivers downloaded from Printix driver store.

Required, if you enable print via the cloud

  • https://printix-jobs-file-upload.s3-eu-west-1.amazonaws.com
  • https://printix-jobs.s3-eu-west-1.amazonaws.com

Required for optional data extraction

  • https://*.blob.core.windows.net

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Printix Help Center

Post Comment