Implementing NetShow On-Demand, Firewalls, Proxy Servers

ID: Q166444

The information in this article applies to:

Microsoft NetShow version 1.0

SUMMARY

This article describes the requirements for implementing Microsoft NetShow version 1.0 On-Demand in conjunction with a firewall or proxy server.

MORE INFORMATION

Microsoft NetShow uses several different protocols. This article describes the requirements for streaming NetShow 1.0 content through a firewall or proxy server. NetShow content can only be streamed using TCP/IP. This article also discusses the requirements when configuring a Firewall to allow free passage of these IP frames for both servers and clients. There may be additional requirements for implementations of future versions of NetShow. Check current product documentation or the Microsoft Knowledge Base for future requirements.

Firewalls are administered by corporations to prevent unauthorized access to corporate networks. Most firewalls are based on packet filtering. Packet filtering takes place when the computer examines the source and destination IP addresses of a packet and forwards only those packets that have been granted access.

The On-Demand content streaming from NetShow will currently stream through a number of firewalls and we are working with several additional vendors for support in their products. For the most recent list of supported vendors, point your browser to the following URL:

http://www.microsoft .com/netshow/firewall.htm

If your firewall (or router) vendor is not on this list, it does not mean you cannot stream NetShow media through your firewall. This is a list that we have tested or worked with the vendor to ensure you will be successful. The details of configuration are below in this article.

Conclusion

There are two protocols in which you can receive an On-Demand stream, HTTP and MMS (over TCP and UDP).

If you place a NetShow On-Demand ASF file in a directory available from a HTTP server you can stream the ASF file via a standard HTTP protocol and would not need to do any additional configuration of your firewall beyond the configuration needed for your WEB server. Normally this http transmission is done over TCP port 80 by default. This can be changed on most Web servers so you would need to open the appropriate port for your TCP connections.

When a NetShow client makes a request from a NetShow server using the MMS protocol the Initial TCP connection is on port 1755. The server then streams the content via UDP on a random port requested by the client between 1024 and 5000.

When Setting up a NetShow 1.0 On-Demand server by default you will need to enable the following IP TCP and UDP ports on the Firewall as follows:


   Incoming TCP port 1755
   Outgoing UDP 1024 - 5000

If you are using a NetShow client in conjunction with a firewall, you will need to allow:


   Outgoing TCP on port 1755
   Incomming UDP on port 1024 - 5000

You can also configure the proxy server name and port when receiving a HTTP stream and specify a UDP port for a MMS stream to use. These settings are found on the advanced tab in the properties of the On-Demand control. When specifying a UDP port to request in the client you may not need to open the range of UDP ports and can specify the port to use.

Additional query words:


Keywords          : 
Version           : WinNT:1.0
Platform          : winnt 
Issue type        : kbinfo

Last Reviewed: June 23, 1999