Signiant Support

Firewall Port Requirements For CTE-SDK Client and Media Exchange Application Print


Problem: 


What firewall ports are required to be open for CTE-SDK (Content Transfer Engine SDK)  transfer jobs and Media Exchange Application?

Resolution:


In a CTE-SDK transfer there are usually at least two firewalls between the client running the CTE-SDK applet in a web browser or JVM, and the CTE-SDK enabled agent or MediaExchange server.  


Using the above diagram as a reference
  
On the "Organization Firewall":
 
Permit INBOUND
            Source Port = 49221 - 49250 tcp or udp
            Target Port = 49221/tcp or 49221/udp *
 
Permit OUTBOUND
            Source Port = 49221/tcp or 49221/udp *
            Target Port = 49221 - 49250 tcp or udp
 
 
On the "Client's Firewall":
 
Permit OUTBOUND
            Source Port = 49221 - 49250 tcp or udp
                        Target Port = 49221/tcp or 49221/udp *
 
Permit INBOUND
            Source Port = 49221/tcp or 49221/udp  *
            Target Port = 49221 - 49250 tcp or udp
 
Notes

1)  If this document is being read in the context of the MediaExchange application, the above rules will be sufficient.
 
2)  If this document is being read in the context of an application based on the CTE-SDK that uses relay rules, the above rules will be sufficient.
 
3)  If this document is being read in the context of a custom application using the CTE-SDK that is not using any relay rules, the single "49221" port MUST be changed to be a port range.  In general, a range of 50 ports should be sufficient to allow concurrent transfers to the CTE server.  I.E. the single 49221 port identified by * (asterix) now becomes the range 49221 - 49250.  The range of ports can be increased or decreased with specific knowledge of the number of concurrent transfers expected.