> For the complete documentation index, see [llms.txt](https://documentation.2pintsoftware.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.2pintsoftware.com/stifler/2.10/planning/firewall-ports.md).

# Firewall Ports

### StifleR Ports

This page provides a detailed overview of the network ports required for the **InterVLAN** feature and related services. It outlines the specific client ports used by **StifleR Client** and **BranchCache**, including communication flow and directionality.

Refer to the tables below for the full list of ports, usage descriptions, and whether they require explicit allowance in your firewall configuration.

Additionally you can review [BranchCache Distributed Cache Mode](https://stifler.docs.2pintsoftware.com/introduction/technical-overview/2pint-branchcache-administrator-guide#toc462952235) for Firewall Ports needed for BranchCache communications.

#### Stifler Service Local Firewall Port openings required - Outgoing

<table data-full-width="true"><thead><tr><th width="168">Name</th><th width="238">Description</th><th width="134">Local Address</th><th width="247">Remote Address</th><th width="110">Local Port</th><th width="125">Remote Port</th><th width="110">Protocol</th><th>Customizable </th></tr></thead><tbody><tr><td>StifleR Service</td><td>Global catalog LDAP</td><td>Any</td><td>for Domain accounts usage</td><td>3268</td><td>3268</td><td>TCP</td><td>No</td></tr><tr><td>Stifler Service</td><td>https</td><td>Any</td><td>Connection for the dashboard</td><td>443</td><td>443</td><td>TCP</td><td>No</td></tr><tr><td>Stifler Service</td><td>SQL Server Service Broker</td><td>Any</td><td>only if SQL is enabled</td><td>4022</td><td>4022</td><td>TCP</td><td>Yes</td></tr><tr><td>Stifler Service</td><td>SQL Server service</td><td>Any</td><td>only if SQL is enabled</td><td>1433</td><td>1433</td><td>UDP</td><td>Yes</td></tr></tbody></table>

#### Stifler Client Local Firewall Port openings required - Incoming

<table data-full-width="true"><thead><tr><th width="298">Name</th><th width="337">Executable</th><th width="134">Local Address</th><th width="157">Remote Address</th><th width="110">Local Port</th><th width="125">Remote Port</th><th width="110">Protocol</th><th width="134">Customizable </th></tr></thead><tbody><tr><td>Blue Leader Data From Remote Peer </td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>1337</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>Green Leader Peer Data</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>1337, 1339</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>Blue Leader Peer Data</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Local Subnet</td><td>1338</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>Peer Probes</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Local Subnet</td><td>3702</td><td>Any</td><td>UDP</td><td>Yes</td></tr><tr><td>Blue Leader Peer Probe Match</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>Any</td><td>3702</td><td>UDP</td><td>Yes</td></tr><tr><td>mDNS</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Local Subnet</td><td>5353</td><td>Any</td><td>UDP</td><td>Yes</td></tr><tr><td>Stifler Service</td><td>Stifler Client</td><td>Any</td><td>Any</td><td>1414</td><td>Any</td><td>TCP</td><td></td></tr></tbody></table>

#### Stifler Client Local Firewall Port openings required - Outgoing

<table data-full-width="true"><thead><tr><th width="346">Name</th><th width="337">Executable</th><th width="142">Local Address</th><th width="157">Remote Address</th><th width="110">Local Port</th><th width="125">Remote Port</th><th width="110">Protocol</th><th width="148">Customizable </th></tr></thead><tbody><tr><td>Beacon - iPerf packets</td><td></td><td>Any</td><td>Stifler Beacons</td><td>Any</td><td>5201</td><td>UDP</td><td>Yes</td></tr><tr><td>Beacon - FastPing</td><td></td><td>Any</td><td>Stifler Beacons</td><td>Any</td><td>5200</td><td>TCP</td><td>Yes</td></tr><tr><td>Blue Leader Data to requesting Peer</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>Any</td><td>1338</td><td>TCP</td><td>Yes</td></tr><tr><td>Blue Leader Data From Remote Peer</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>1337</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>Green Leader Peer Data</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>Any</td><td>1337.1339</td><td>TCP</td><td>Yes</td></tr><tr><td>Blue Leader Peer Data</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Local Subnet</td><td>Any</td><td>1338</td><td>TCP</td><td>Yes</td></tr><tr><td>Peer Probes</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Local Subnet</td><td>3702</td><td>Any</td><td>UDP</td><td>Yes</td></tr><tr><td>Blue Leader Peer Probe Match</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>Any</td><td>3702</td><td>UDP</td><td>No</td></tr><tr><td>Blue Leader Probe Port</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td>Any</td><td>Any</td><td>3703</td><td>3703</td><td>UDP</td><td>Yes</td></tr><tr><td>mDNS</td><td>TwoPint.PeerDist.BlueGreenLeader.exe</td><td></td><td></td><td>Any</td><td>5353</td><td>UDP</td><td></td></tr><tr><td>Access to Stifler Service</td><td>Stifler.Client.exe</td><td>Any</td><td>Any or Stifler server</td><td>Any</td><td>1414</td><td>UDP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Stifler.Client.exe</td><td>Any</td><td>Any or Stifler server</td><td>Any</td><td>1414</td><td>TCP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Twopint.remotetools.host.exe</td><td>Any</td><td>Any or Stifler server + Action hubs</td><td>Any</td><td>1415</td><td>UDP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Twopint.remotetools.host.exe</td><td>Any</td><td>server + Action hubs</td><td>Any</td><td>1415</td><td>TCP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Browser</td><td>Any</td><td>Stifler Server</td><td>Any</td><td>9000</td><td>TCP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Browser</td><td>Any</td><td>Any or Stifler server</td><td>Any</td><td>1414</td><td>TCP</td><td>No</td></tr><tr><td>Access to Stifler Service</td><td>Browser</td><td>Any</td><td>Any or Stifler server + Action hubs</td><td>Any</td><td>1415</td><td>TCP</td><td>No</td></tr></tbody></table>

#### BranchCache Local Firewall Port openings required - Incoming

<table data-full-width="true"><thead><tr><th width="346">Name</th><th width="337">Executable</th><th width="142">Local Address</th><th width="157">Remote Address</th><th width="110">Local Port</th><th width="125">Remote Port</th><th width="110">Protocol</th><th width="144">Customizable </th></tr></thead><tbody><tr><td>BranchCache Content Retrieval (HTTP-In)</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>1337</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>BranchCache Hosted Cache Server (HTTP-In)</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>1339, 443</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>BranchCache Peer Discovery (WSD-In)</td><td>%SYSTEMROOT%\system32\svchost.exe</td><td>Any</td><td>Local Subnet</td><td>3702</td><td>Any</td><td>TCP</td><td>No</td></tr></tbody></table>

#### BranchCache Local Firewall Port openings required - Outgoing

<table data-full-width="true"><thead><tr><th width="346">Name</th><th width="337">Executable</th><th width="142">Local Address</th><th width="157">Remote Address</th><th width="110">Local Port</th><th width="125">Remote Port</th><th width="110">Protocol</th><th width="144">Customizable </th></tr></thead><tbody><tr><td>BranchCache Content Retrieval (HTTP-Out)</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>Any</td><td>1337</td><td>TCP</td><td>Yes</td></tr><tr><td>BranchCache Hosted Cache Client (HTTP-Out)</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>Any</td><td>1339, 443</td><td>TCP</td><td>Yes</td></tr><tr><td>BranchCache Hosted Cache Server(HTTP-Out)</td><td>SYSTEM</td><td>Any</td><td>Any</td><td>1339, 443</td><td>Any</td><td>TCP</td><td>Yes</td></tr><tr><td>BranchCache Peer Discovery (WSD-Out)</td><td>%SYSTEMROOT%\system32\svchost.exe</td><td>Any</td><td>Local Subnet</td><td>Any</td><td>3702</td><td>UDP</td><td>No</td></tr></tbody></table>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.2pintsoftware.com/stifler/2.10/planning/firewall-ports.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.