What firewall rules are created by the PCoIP Agent?
Windows Firewall Rules
Default Microsoft Windows firewall rules populated by the PCoIP Agent for Windows installer.
Rule Details
PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Agent Service" verbose
Rule Name: PCoIP - Agent Service ---------------------------------------------------------------------- Description: Allows the PCoIPAgent service to receive connections. Enabled: Yes Direction: In Profiles: Domain,Private,Public Grouping: Teradici PCoIP LocalIP: Any RemoteIP: Any Protocol: TCP LocalPort: 443,60443 RemotePort: Any Edge traversal: No Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_agent.exe InterfaceTypes: Any Security: NotRequired Rule source: Local Setting Action: Allow Ok.
PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Arbiter Service" verbose
Rule Name: PCoIP - Arbiter Service ---------------------------------------------------------------------- Description: Allows the PCoIP Arbiter service to receive connections. Enabled: Yes Direction: In Profiles: Domain,Private,Public Grouping: Teradici PCoIP LocalIP: Any RemoteIP: Any Protocol: TCP LocalPort: 4172 RemotePort: Any Edge traversal: No Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_arbiter_win32.exe InterfaceTypes: Any Security: NotRequired Rule source: Local Setting Action: Allow Ok.
PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Encoder" verbose
Rule Name: PCoIP - Encoder ---------------------------------------------------------------------- Description: Allows the PCoIP encoder to receive connections from PCoIP clients. Enabled: Yes Direction: In Profiles: Domain,Private,Public Grouping: Teradici PCoIP LocalIP: Any RemoteIP: Any Protocol: UDP LocalPort: 4172-6172 RemotePort: Any Edge traversal: No Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_server_win32.exe InterfaceTypes: Any Security: NotRequired Rule source: Local Setting Action: Allow Ok.
Linux firewall
CentOS 7.x
In CentOS 7.x a predefined service is created in /usr/lib/firewalld/services/pcoip-agent.xml
<service> <short>pcoip-agent</short> <description>PCoIP Agent and associated processes</description> <!-- broker protocol --> <port protocol="tcp" port="443"/> <!-- agent protocol --> <port protocol="tcp" port="60443"/> <!-- arbiter --> <port protocol="tcp" port="4172"/> <!-- server --> <port protocol="udp" port="4172"/> </service>
And is allowed on "public" profile.
public (active) target: default icmp-block-inversion: no interfaces: ens192 sources: services: pcoip-agent
To add the firewall rules to the public profile open a terminal and run this command
sudo firewall-cmd --zone= public
--permanent --add-service=pcoip-agent |
Ubuntu
By default, the Ubuntu firewall is off. If you enable the Ubuntu firewall the following ports must be opened:
- TCP 443
- TCP/UDP 4172
- TCP 60443 (Only required when using a broker)
The following commands will add rules to UFW for the PCoIP services (uncomplicated firewall).
Open a terminal and run these commands
sudo ufw allow https sudo ufw allow 4172 |