What firewall rules are created by the PCoIP Agent?

Rate this Article
Average: 1 (1 vote)

July 3, 2020

Last modified: 09/03/2023, 6:12 pm

Knowledge Base Article Advisory Session HP Anyware

Windows Firewall Rules

Default Microsoft Windows firewall rules populated by the PCoIP Agent for Windows installer.

rtalimage

Rule Details

PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Agent Service" verbose
Rule Name: PCoIP - Agent Service
----------------------------------------------------------------------
Description: Allows the PCoIPAgent service to receive connections.
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping: Teradici PCoIP
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: 443,60443
RemotePort: Any
Edge traversal: No
Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_agent.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Arbiter Service" verbose
Rule Name: PCoIP - Arbiter Service
----------------------------------------------------------------------
Description: Allows the PCoIP Arbiter service to receive connections.
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping: Teradici PCoIP
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: 4172
RemotePort: Any
Edge traversal: No
Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_arbiter_win32.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.
PS C:\Windows\system32> netsh advfirewall firewall show rule name="PCoIP - Encoder" verbose
Rule Name: PCoIP - Encoder
----------------------------------------------------------------------
Description: Allows the PCoIP encoder to receive connections from PCoIP clients.
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping: Teradici PCoIP
LocalIP: Any
RemoteIP: Any
Protocol: UDP
LocalPort: 4172-6172
RemotePort: Any
Edge traversal: No
Program: C:\Program Files (x86)\Teradici\PCoIP Agent\bin\pcoip_server_win32.exe
InterfaceTypes: Any
Security: NotRequired
Rule source: Local Setting
Action: Allow
Ok.

 

Linux firewall

CentOS 7.x

In CentOS 7.x a predefined service is created in /usr/lib/firewalld/services/pcoip-agent.xml

<service>
 <short>pcoip-agent</short>
 <description>PCoIP Agent and associated processes</description>
 <!-- broker protocol -->
 <port protocol="tcp" port="443"/>
 <!-- agent protocol -->
 <port protocol="tcp" port="60443"/>
 <!-- arbiter -->
 <port protocol="tcp" port="4172"/>
 <!-- server -->
 <port protocol="udp" port="4172"/>
</service>

And is allowed on "public" profile.

public (active)
 target: default
 icmp-block-inversion: no
 interfaces: ens192
 sources:
 services: pcoip-agent

To add the firewall rules to the public profile open a terminal and run this command

sudo firewall-cmd --zone=public 
--permanent --add-service=pcoip-agent

 

Ubuntu

By default, the Ubuntu firewall is off. If you enable the Ubuntu firewall the following ports must be opened:

  • TCP 443
  • TCP/UDP 4172
  • TCP 60443 (Only required when using a broker)

The following commands will add rules to UFW for the PCoIP services (uncomplicated firewall).

Open a terminal and run these commands

sudo ufw allow httpssudo ufw allow 4172