Home » Domains required for Agent communication
 
  • US Data center (.com)
  • EU Data center (.eu)
  • AU Data center (com.au)
  • IN Data center (.in)
  • JP Data center (.jp)
  • CN Data center (.cn)
  • CA Data center (.ca)
  • UK Data center (.uk)
  • SA Data center (.sa)

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.com

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.comNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
us3-dms.zoho.com

 
us4-dms.zoho.com

 
download-accl.zoho.com

 
downloads.zohocdn.com

 
files-me-accl.zoho.com

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The Distribution server should connect to these websites:

 
desktopcentral.manageengine.com

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.comNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
us3-dms.zoho.com

 
us4-dms.zoho.com

 
download-accl.zoho.com

 
downloads.zohocdn.com

 
files-me-accl.zoho.com

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.com

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.comNEW

 
us3-dms.zoho.com

 
us4-dms.zoho.com

 
download-accl.zoho.com

 
downloads.zohocdn.com

 
files-me-accl.zoho.com

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
US region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.eu

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.euNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
eu1-dms.zoho.eu

 
eu2-dms.zoho.eu

 
download-accl.zoho.eu

 
downloads.zohocdn.com

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.eu

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.euNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
eu1-dms.zoho.eu

 
eu2-dms.zoho.eu

 
download-accl.zoho.eu

 
downloads.zohocdn.com

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.eu

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.euNEW

 
eu1-dms.zoho.eu

 
eu2-dms.zoho.eu

 
download-accl.zoho.eu

 
downloads.zohocdn.com

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
EU region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.com.au

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.com\.au

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
au1-dms.zoho.com.au

 
au2-dms.zoho.com.au

 
downloads.zohocdn.com

 
download.zoho.com.au

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.com.au

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.com\.au

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
au1-dms.zoho.com.au

 
au2-dms.zoho.com.au

 
downloads.zohocdn.com

 
download.zoho.com.au

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.com.au

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.com\.au

 
au1-dms.zoho.com.au

 
au2-dms.zoho.com.au

 
downloads.zohocdn.com

 
download.zoho.com.au

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
AU region data centre IP's

 
Geo DNS Domains

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.in

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.inNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
in1-dms.zoho.in

 
in2-dms.zoho.in

 
download-accl.zoho.in

 
downloads.zohocdn.com

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.in

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.inNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
in1-dms.zoho.in

 
in2-dms.zoho.in

 
download-accl.zoho.in

 
downloads.zohocdn.com

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.in

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.inNEW

 
in1-dms.zoho.in

 
in2-dms.zoho.in

 
download-accl.zoho.in

 
downloads.zohocdn.com

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
IN region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.jp

 
endpointcentral-agent0.manageengine.jp

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
jp1-dms.zoho.jp

 
jp2-dms.zoho.jp

 
downloads.zohocdn.com

 
download.zoho.jp

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.jp

 
endpointcentral-agent0.manageengine.jp

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
jp1-dms.zoho.jp

 
jp2-dms.zoho.jp

 
downloads.zohocdn.com

 
download.zoho.jp

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.jp

 
endpointcentral-agent0.manageengine.jp

 
jp1-dms.zoho.jp

 
jp2-dms.zoho.jp

 
downloads.zohocdn.com

 
download.zoho.jp

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
JP region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.cn

This is the server's URL. The roaming agent updates the task status to the cloud server and in order to ensure seamless agent-server communication, the agent has to connect to desktopcentral.manageengine.cn. Check Domain

 
endpointcentral-agent0.manageengine.cn

Endpoint central agents will use this domain to contact endpoint central servers Check Domain

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
cn2-dms.zoho.com.cn

 
cn3-dms.zoho.com.cn

 
downloads.zohocdn.com

 
download.zoho.com.cn

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.cn

 
endpointcentral-agent0.manageengine.cn

Endpoint central distribution server will use this domain to contact endpoint central server. Check Domain

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
cn2-dms.zoho.com.cn

 
cn3-dms.zoho.com.cn

 
downloads.zohocdn.com

 
download.zoho.com.cn

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.cn

 
endpointcentral-agent0.manageengine.cn

Endpoint central agents will use this domain to contact endpoint central servers Check Domain

 
cn2-dms.zoho.com.cn

 
cn3-dms.zoho.com.cn

 
downloads.zohocdn.com

 
download.zoho.com.cn

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
CN region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.ca

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.caNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
ca1-dms.zohocloud.ca

 
ca2-dms.zohocloud.ca

 
downloads.zohocdn.com

 
download.zohoone.ca

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.ca

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.caNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
ca1-dms.zohocloud.ca

 
ca2-dms.zohocloud.ca

 
downloads.zohocdn.com

 
download.zohoone.ca

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.ca

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.caNEW

 
ca1-dms.zohocloud.ca

 
ca2-dms.zohocloud.ca

 
downloads.zohocdn.com

 
download.zohoone.ca

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
CA region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
desktopcentral.manageengine.uk

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.ukNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
uk1-dms.zoho.uk

 
uk2-dms.zoho.uk

 
downloads.zohocdn.com

 
download.zoho.uk

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
desktopcentral.manageengine.uk

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.ukNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
uk1-dms.zoho.uk

 
uk2-dms.zoho.uk

 
downloads.zohocdn.com

 
download.zoho.uk

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
desktopcentral.manageengine.uk

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.ukNEW

 
uk1-dms.zoho.uk

 
uk2-dms.zoho.uk

 
downloads.zohocdn.com

 
download.zoho.uk

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
UK region data centre IP's

 
Geo DNS Domains 

Domains required for Agent communication

This document provides the list of approved domains and IP addresses which are required for seamless agent-server communication.

Domain Whitelist

Communication across remote offices is possible in the following ways:

Direct communication (Roaming users)

Roaming users directly contact the cloud server. Since these users are constantly roaming, they can't be managed by a central server. Therefore, the roaming agents should connect to these websites:

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.saNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
sa1-dms.zoho.sa

 
sa2-dms.zoho.sa

 
downloads.zohocdn.com

 
files.zoho.sa

Through Distribution Server

Distribution server is a component which allows you to download patch binaries from the respective vendor websites and distribute it to all the remote office computers managed under the DS. The DS should connect to these websites:

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.saNEW

 
patchdb.manageengine.com

 
patchdatabase.manageengine.com

 
sa1-dms.zoho.sa

 
sa2-dms.zoho.sa

 
downloads.zohocdn.com

 
files.zoho.sa

Distribution Server agents

The agents which belong to remote office/WAN should connect to these domains:

 
(endpointcentral-agent)(p)?[0-9]{1,2}\.manageengine\.saNEW

 
sa1-dms.zoho.sa

 
sa2-dms.zoho.sa

 
files.zoho.sa

 
downloads.zohocdn.com

IP Whitelist

Here's the list of IP addresses that are required to be added to the whitelist

 
SA region data centre IP's

 
Geo DNS Domains 

Ports

These Ports must be enabled for communication between the agent and the server

Port Purpose Type Connection
443 For communication between the agent or distribution server and the Endpoint Central server.

Source: Agent/Distribution server
Destination: Endpoint Central server
HTTPS Outbound from Agent/DS
443 The Notification server port is responsible for communicating on-demand operations from the server to the agent.

Source: Agent/Distribution server
Destination: Notification server
WSS

Outbound from Agent/DS

8384 For communication between remote agent and distribution server

Source: Agent
Destination: distribution server
HTTPS

Inbound to distribution server
Outbound from Agent/DS

Module Wise Configurations

  • Patch Management
  • Remote Control
-

Domains

Exclude these Domains in the firewall and proxy settings -

  • *.zoho.com
  • *.zohoassist.com
  • *.zoho.eu
  • *.zohoassist.eu
  • *.zoho.in
  • *.zohoassist.in
  • *.zoho.jp
  • *.zohoassist.jp
  • *.zoho.cn
  • *.zohoassist.com.cn
  • *.zoho.com.au
  • *.zohoassist.au

Ports

Allow the following ports in your firewall settings -

TCP and WebSocket ports 443.

Directories

Exclude the following directories from your firewall and anti-virus settings -

  • 32 bit OS - %localappdata%/zohomeeting/, %programfiles%/ZohoMeeting
  • 64 bit OS - %localappdata%/zohomeeting/, %programfiles(x86)%/ZohoMeeting