You can use control protocol plug-ins such as Microsoft Media Server (MMS), Real Time Streaming Protocol (RTSP), or Hypertext Transfer Protocol (HTTP) when you configure a firewall. To make the process of configuring firewalls easier, you can configure each control protocol plug-in on the server to use a specific port. Therefore, if your network administrator has already opened a series of ports for use by your Windows Media servers, you can allocate those ports to the control protocols. If the ports are not yet available, you can request that the default ports for each protocol be opened.
If ports on your firewall cannot be opened, Windows Media Services can stream content by using the HTTP protocol over port 80. For more information about how to configure the control protocol plug-ins, see the server help documentation.
The "More Information" section describes how to configure firewalls for the following list of situations:
Open the portsTo enable Windows Media Player and other clients to use the HTTP protocol, the RTSP protocol, or the MMS protocol to connect to a Windows Media server that is behind a firewall, open the following ports.
|In: TCP on port 80, 554, and 1755||The Windows Media server uses the TCP In ports to accept an incoming HTTP connection (port 80), an RTSP connection (port 554), or an MMS connection (port 1755) from Windows Media Player and other clients.|
|In: UDP on port 1755 and 5005||The Windows Media server uses UDP In port 1755 to receive resend requests from clients that are streaming by using MMSU and UDP In port 5005 to receive resend requests from clients that are streaming by using RTSPU.|
|Out: UDP ports 1024 through 5000 and 5004||The Windows Media server uses UDP Out ports 1024 through 5000 and 5004 to send data by means of MMSU and RTSPU to Windows Media Player and other clients.|
If you cannot open all the UDP Out portsIf you cannot open all the UDP Out ports on a firewall, UDP packets that are sent by a Windows Media server may be blocked by the firewall and may not be able to reach the clients on the other side of the firewall. If this condition occurs, clients may still be able to receive a stream if the clients automatically roll over to a TCP-based protocol, such as HTTP, MMST, or RTSPT. However, the rollover causes a delay for the client that is receiving the stream. If you know that you will not be able to support UDP streaming through a firewall, you can decrease the rollover delay by clearing the UDP check box in the Unicast Data Writer plug-in Properties dialog box. For more information, see the server help documentation.
|In: UDP ports 1024 through 5000 ||The Windows Media server uses UDP In ports 1024-5000 to receive data from another server.|
|Out: TCP on port 80 and 554||The Windows Media server uses the TCP Out ports to establish an HTTP connection (port 80) or RTSP connection (port 554) to another server or encoder.|
|Out: UDP on port 5005||When RTSPU distribution is used, the Windows Media server uses UDP Out port 5005 to send resend requests to another server.|
- If the distribution server tries to connect by using RTSP, that request is translated as RTSPU.
- If the server administrator chooses to use a TCP-based transport (either because of a preference or because a TCP-based transport is required), the URL must use an rtspt:// prefix.
- If the distribution servers must connect by using HTTP, the URL must use an http:// prefix.
The following firewall configuration enables multicast streaming packets to traverse your firewall:
The following example firewall configuration allows a computer that is running Windows Media Encoder outside a firewall to access a Windows Media server that is behind a firewall by using HTTP. The In port is the port where the server accepts connections. The Out port is the port where the server sends data to clients: