Last updated:

Firewall Ports to Open for Session Access

There are many ways to connect to dCloud sessions. If you connect to a session through a firewall, the ports that must be permitted and opened on that firewall depend on the method you use to connect to the session. The table lists dCloud access methods and the firewall port number that must be permitted to enable the communication type used by each method.

Table 1. Firewall Port to Open and Communication Type to Enable Session Access Methods

Method Used to Connect to dCloud Sessions Port (Communication Type)
VPN (AnyConnect) Port 443 (TCP and UDP)
VPN (Endpoint Router Kit) Port 443 (TCP)
IP Phone VPN Port 443 (UDP)
BYOD Port 5247 (UDP)
Data for BYOD Port 5246 (UDP)
Standard HTTPS (dCloud Remote Desktop) Port 443
Standard HTTP Port 80

For VPN connections (the first three access methods), after you permit a VPN connection to dCloud sessions for the specified port, no other modifications are required on the firewall.

For example, assume that you have a router that you want to connect to a dCloud session via VPN. You must permit port 443 on the firewall for the VPN to be established between your router and dCloud. After the VPN is established, any device connected to your router can connect through the router directly to the active session. This is because after the VPN is established, all traffic to the active session will go over the VPN; however, any Internet browsing traffic is sent over the local connection. This is done by the split-tunneling setup on the router.

Similarly, assume that you want to connect an endpoint device to a dCloud session using AnyConnect. After the VPN connection is permitted across port 443 and established, all traffic between the endpoint device and the session across that VPN is allowed.

Some dCloud content may require that additional firewall ports be opened for specific communication types. Those port numbers will be provided in the content documentation or the Help for that architecture.