Enterprise ERP Port and Firewall Requirements
What firewall ports need to be opened for EERP/Munis and integrating products to function properly?
Enterprise ERP
Ports
Firewall
TCP
UDP
Server
Network
On-premise
Munis Port and Firewall Requirements
Allow list
Munis Network
Port requirements may need to be tailored due to client internal and/or network firewalls. Ports will need to be mirrored on both internal and network firewalls.
Example: If port 22 is open inbound internally, but on the network firewall it is closed, you will not be able to deploy Tyler Forms (DocOrigin) updates for tylerdeploy.com.
Firewall port rules need to be implemented on each server if clients block communication between internal servers. If no ports are blocked, you may not need to open specific ports on each server.
Example: Issues communicating/connecting to SQL services from an alternate internal server - open Inbound SQL ports on the DB server and Outbound on each individual server.
All Servers
Port | Protocol | Direction | Description |
---|---|---|---|
135 | TCP | Outbound | Connectivity to the SQL Integration Services |
443 | TCP | Inbound/Outbound | Standard port for HTTPS traffic |
1433 | TCP | Outbound | Connectivity to the default instance of SQL Server |
1434 | UDP | Outbound | Connectivity to the SQL Server Browser. SQL Server Browser listens for connections over this port and then routes the traffic to the corresponding TCP port for the SQL Server named instance (TYLERCI) |
2382 | TCP | Outbound | Connectivity to the SQL Server Browser. SQL Server Browser listens for connections over this port and then routes the traffic to the corresponding TCP for the SQL Server Analysis Services named instance (TYLERCI). |
2383 | TCP | Outbound | Connectivity to the default SQL Server Analysis Services |
10943-10950 | TCP | Inbound/Outbound | Used to send packages to your application servers for updates and installations. This traffic will always initiate from the internal servers. |
Enterprise ERP (EERP) Application Server
Port | Protocol | Direction | Description |
---|---|---|---|
22 | TCP | Inbound/Outbound | Connection used with Tyler Deploy for downloading files.
|
25 | TCMTP | Outbound | Communication to your SMTP server |
389 | UDP | Outbound | Allows for LDAP communication to grab users from Active Directory |
587 | SMTP | Outbound | SMTP communication for Office 365/ Gmail *Note: dependent upon your mail sever configuration |
636 | TCP | Outbound | Allows for LDAPS communication to grab users from Active Directory |
Infrastructure Server
Port | Protocol | Direction | Description |
---|---|---|---|
443 | TCP | Inbound/Outbound | Standard port for HTTPS traffic *Notes:
|
Tyler Content Manager (TCM) Server
Port | Protocol | Direction | Description |
---|---|---|---|
22 | TCP | Inbound/Outbound | Connection to Tyler Deploy for Tyler Forms (DocOrigin: forms updates). |
844* | TCP | Inbound/Outbound | Port for non-Prod HTTPS traffic *Note: required for additional instances of TCM (Train/Test/Impl/etc ) |
Time and Attendance (TA) Server
Port | Protocol | Direction | Description |
---|---|---|---|
71** | TCP | Inbound/Outbound | Port for non-Prod HTTPS traffic *Note: Please allow the URLs in Time & Attendance External URL References in Core Code *Note: additional ports required for additional instances of TA (Train/Test/Impl/etc ) |
Web Server
Port | Protocol | Direction | Description |
---|---|---|---|
389 | UDP | Outbound | Allows for LDAP communication to grab users from Active Directory |
443 | TCP | Inbound/Outbound | Standard port for HTTPS traffic *Note: Please allow this URL: identity.tylerportico.com (this is required for CSS/VSS functionality) |
636 | TCP | Outbound | Allows for LDAPS communication to grab users from Active Directory |
71** | TCP | Inbound/Outbound | Port for HTTPS traffic *Note: required for additional instances of TA (Train/Test/Impl/etc ) |
Database Server
Port | Protocol | Direction | Description |
---|---|---|---|
135 | TCP | Inbound | Connectivity to the SQL Integration Services |
DYNAMIC | TCP | Inbound | Connectivity to the default instance of SQL Server Note: can be set to a static IP upon request (for example: 1433) |
1434 | UDP | Inbound | Connectivity to the SQL Server Browser. SQL Server Browser listens for connections over this port and then routes the traffic to the corresponding TCP port for the SQL Server named instance (TYLERCI) |
2382 | TCP | Inbound | Connectivity to the SQL Server Browser. SQL Server Browser listens for connections over this port and then routes the traffic to the corresponding TCP for the SQL Server Analysis Services named instance (TYLERCI) |
2383 | TCP | Inbound | Connectivity to the default SQL Server Analysis Services |
Disaster Recovery Clients Only
Port | Protocol | Direction | Description |
---|---|---|---|
807 | TCP | Outbound | Communication from the EERP Application server and Tyler DR (208.64.237.17 & 208.64.237.57). This is used for transferring backups *Note: only required for Disaster Recovery Clients |
2546 | TCP | Outbound | Communication from the EERP Application server and Tyler DR (208.64.237.17 & 208.64.237.57). This is used for transferring backups *Note: only required for Disaster Recovery Clients |
8086 | TCP | Inbound/Outbound | Communication between the EERP Application server and Tyler DR (208.64.239.123). This is used for WebCC and EVAULT monitoring and management *Note: only required for Disaster Recovery Clients |
8087 | TCP | Inbound/Outbound | Communication between the EERP Application server and Tyler DR (208.64.239.123). This is used for WebCC and EVAULT monitoring and management *Note: only required for Disaster Recovery Clients |
Network Firewall
URL | Description |
---|---|
Enterprise ERP Centrals and .NET programs reference the Tyler Content Delivery Network (CDN) for icons and font |