Allowing Wildfire through a firewall

Hatem_BEN_RAIS · March 27, 2007, 8:09am

hi all,

I have a newly hosted wildfire server and my ISP is asking for which protocols should these ports be opened in their firewall :

9090,9091, 5222, 5223, 5262,10015.

These are the default ports specified by Wildfire during installation:

9090: Server admin

9091: Server admin (SSL)

5222: client

5223: client SSL

5262: Connections Manager

10015: External Components.

I am a bit confused since I know everything is based either on XMPP or TCP. So for ex should I specify that 5222 uses TCP or XMPP ?

Thanks for helping me.

Darren_Sykes · March 27, 2007, 8:42am

TCP is the protocol used (XMPP is a protocol which runs on a particular TCP port).

You may also want to consider opening server to server ports, and any other service you use (HTTP binding, STUN etc).

Darren

Hatem_BEN_RAIS · March 27, 2007, 8:51am

Actually what my ISP wants to know is either it is TCP or UDP based transfers …

So I think the answer is TCP.

Hatem_BEN_RAIS · March 27, 2007, 8:57am

Thanks a lot DeeJay

Message was edited by: hbr

Forgot to mention my question was answered

Hatem_BEN_RAIS · March 27, 2007, 9:01am

Solved!

Andreas_Monitzer · March 27, 2007, 12:39pm

Note that you shouldn’‘t open port 10015, since external components usually only run on the local machine anyways. You could also drop 9090 from the list, since the service is the same as on 9091 without the SSL-encryption. 5262 isn’‘t necessary if you’'re not using load balancing.

The port 5269 is missing from your list, that’‘s used for s2s connections. (If you’‘ve disabled s2s, you don’'t need it)

For my server only the ports 5222, 5269 and the one for the admin interface are open.

Hatem_BEN_RAIS · March 28, 2007, 10:02am

Hi,

Nope, i am not using server to server connections, that’‘s why I didn’'t mention the 5629. People will connect to my server only via a flash based client, no other types of connection is required for the moment.

And as far as the port 10015 go, I didn’‘t know it runs locally! Thanks for the tip. Now i’‘ll see if I’'d leave that port open or not.

Thanks for your help.

Hatem_BEN_RAIS · March 28, 2007, 3:53pm

I’'ve just recieved a phone call from my ISP asking me if I really need all those ports.

I think i will drop everything from the list and just keep 5222 & 5223 for the flash client chat to access the server, and the 9090 & 9091 for admin.

I am not using Server2Server neither the Connection Manager, i really have a very basic configuration, and my server is not going to access other servers, nor they are going to access it. So I’'ll get rid of all the other ports for now.

One more question, does downloading new plugins for Wildfire require specific ports or only the common TCP:80 ?

I’'d like to be sure fo giving the ISP the final answer & ports list so I can test the client.

Thanks in advance.