There are some deployments where a firewall is between the TMSM server and the client. If certain ports are not allowed, two (2) functionalities will not work:
- Client-to-server communication for client connection requests for data exchange
- Client-to-server communication for component updates
If the network communication between the TMSM server and client is blocked during installation, an error message such as the following may occur:
Trend Micro Security has not been registered to its parent server, or is not functional because the server has not been activated.
To ensure that both functions work in an environment that requires a firewall between the TMSM server and client, make sure that the following ports/traffic are allowed:
- Port 61617 from the TMSM client to the server, and vice-versa. This is for the client communication.
- HTTP/HTTPS (i.e. 8080 and 4343) port from the TMSM client to the server. This is for component updates.
If the communication port from the TMSM client to the server (or vice-versa) has been changed, it is necessary to reinstall the package on the target TMSM client.
Should the ports be correctly configured, the TMSM client will appear as INTERNAL. Below are some other details that should be noted:
Internal TMSM client
- TMSM client that appears with a red T-ball means that the client is connected to the OfficeScan/TMSM server
- Can be seen on the OfficeScan/TMSM console
- Internal WRS setting takes effect
- Can update when you click Update Now
External TMSM client
- TMSM client that appears with a gray T-ball means that the client may be disconnected
- May not be seen on the OfficeScan/TMSM console
- External WRS setting takes effect
- May not be able to update through the Update Now button
If you need technical assistance, contact Trend Micro Technical Support.