Firewalls and ports

Hi,

I know that VirtualHere utilises mDNS on port 5353 and ports 7573-7575 for it's main functionality, however, in all the forum posts and articles I've read it's not immediately clear (at least not to my dull brain) whether these ports need to be opened on the client, the server or both.

I know that for general mDNS functionality, port 5353 will need to be open on both client and server.

I think (but I'd like to confirm) that port 7575 only needs to be open on the VirtualHere server and the client uses a high numbered ephemeral port (which is what I see reflected in Wireshark captures and if I look at listening ports on my client (Linux ss command on the client doesn't show anything listening on 7575)). Is that correct?

I imagine that whatever applies to 7575 is also true for 7574, only with ssl goodness added ?

How about the reverse connection facility with port 7573 ?

Many thanks and apologies if this is clearly spelt out somewhere and I've missed it.

Mark

#2

Hi Mark, yes that is all correct.

#3

Just to summarise, mDNS aside:

Normal working, unencrypted: on the server, open tcp port 7575. Client just uses an ephemeral port.
Normal working, encrypted using SSL: on the server, open tcp port 7574. Client just uses an ephemeral port.
Using reverse connection, unencrypted: open tcp port 7573 on the client.
Using reverse connection, encrypted using SSL: open tcp port 7572 on the client.

#4

Yes

#5

Hi,
What about the settings when using EasyFind ?

#6

Easyfind is not designed to go through firewalls, use something like tailscale or zerotier, because it will need to relay and Easyfind won't relay