WFBS-SVC uses UDP ports 61117 and 61118 to communicate with other agents in the network.

These ports serve the following purposes:

Port 61117

• For AA/IA election
• For AAs to collect the online/offline information then send back to server

Port 61118

Used by the WhoisAA tool as a listen port to discover other agents in the network.

There are instances where you'll discover that both UDP ports are claimed by DNS that causes WFBS-SVC agents to show as "Offline" in the WFBS-SVC console.

  UDP    0.0.0.0:61117          *:*                                    1664
 [dns.exe]
  UDP    0.0.0.0:61118          *:*                                    1664
 [dns.exe]

To avoid this conflict, add both UDP ports in the DNS reserved ports so they will not be used by the dns.exe process.

1. On the registry editor, navigate to the following key:

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tcpip\parameters

2. On the right-pane, look for the key “ReservedPorts”.

   

   Click image to enlarge.

3. If the key does not exist, do Steps 3a-3c. If the key exists, do Steps 3b-3c.
   1. Right-click the Parameters folder and select New > Multi-String Value. Name the value "ReservedPorts".
   2. Right-click ReservedPorts and select Modify.
   3. Set the Value to "61117-61118" then click Ok.
4. Restart the following services
   • DNS Server
   • DNS Client
   • Trend Micro Client Server Security Agent
5. Wait 5-10 minutes for the Security Agent to show as "Online" in the console.