Different IP video protocols require different firewall setups. This article covers the most common ports / firewall access that different IP video protocols require.
Overview
To quickly test if the firewall is causing your issue, temporarily disable it, and see if that fixes the issues.
For Windows, in general, the Network the device is connecting to may be "Private". If it is set to "Public", then many of the UDP based protocols will not work.
UDP
This is a server protocol on the receiver, and requires the selected port to be open to receive. On the send side, it should work without firewall adjustment.
RTP
This is a server protocol on the receiver, and requires the selected port to be open to receive. On the send side, it should work without firewall adjustment.
SRT
When using the 'listener' mode, the port it is listening on must be open in the firewall. For Caller and Rendezvous, it should work without firewall adjustment.
RIST
When using the 'listener' mode, the port it is listening on must be open in the firewall. For Caller, it should work without firewall adjustment.
RTSP
For sending, RTSP should work without firewall adjustment.
- RTSP uses port 554
RTMP
For sending, RTMP should work without firewall adjustment.
- RTMP uses port 1935
WebRTC/WHIP
WebRTC uses a bunch of standard ports:
- Access to ports TCP + UDP 4443, 3478, 443 for www.flowcaster.live
- Access to video streaming services in VPN and Firewall settings
- Ports used: 80,443,4443,3478 (TCP and UDP), 5349 TCP, 40000:65535 UDP
BLS (Bliss Protocol)
BLS uses the port explicitly set. If there is no port set, it will use 80 for unencrypted and 443 for encrypted traffic.
NDI
NDI uses a range of TCP ports:
- NDI ports 49152 to 65535
CDI
The implementation for this transit occurs over the Scalable Reliable Datagram (SRD) protocol. To achieve the highest performance and lowest latency, the AWS CDI SDK relies on EC2 instances that support the Elastic Fabric Adapter (EFA) and are placed within a single Placement Group.
The AWS CDI SDK opens one specified User Datagram Protocol (UDP) port per connection to control communication between Amazon EC2 instances running AWS CDI SDK. The receiving side listens on the specified port number. The transmitting side uses a random port number from the ephemeral port range, as determined by the operating system.
For network security best practices concerning how to block UDP packets from the public Internet, see Security best practices for your VPC.
The AWS CDI SDK also relies on EC2 instances using a Security Group that allows all inbound and outbound traffic to and from the Security Group itself. For more information, see Prepare an EFA-Enabled Security Group.
SMPTE 2110/2022
The port(s) set by the caller.
Trademarks, Registered Trademarks, and CopyrightsTrademarks, Registered Trademarks, and Copyrights
Amazon Web Services, Inc. - Amazon, AWS and Smile Logo, Powered by AWS Logo, AWS Co-Marketing Tools, the Partner Logo, the Program Marks, Amazon Web Services, AWS, AWS S3, and the names of AWS products, services, programs, and initiatives are trademarks or registered trademarks of Amazon Web Services, Inc.
Microsoft Corporation – Microsoft: Windows®, Video For Windows (VFW), DirectShow, Microsoft, Skype, Microsoft Azure, Microsoft Teams, Wave Mapper, Microsoft, Windows NT|2000|XP|XP Professional|Server 2003|Server 2008 |Server 2012, Windows 7, Windows 8, Media Player, Media Encoder, .Net, Internet Explorer, SQL Server 2005|2008|2012|2014, Windows Media Technologies and Internet Explorer are trademarks of Microsoft Corporation.
NewTek, Inc. - NDI, TriCaster, 3Play, TalkShow, Video Toaster, LightWave 3D, and Broadcast Minds are registered trademarks of NewTek, Inc.
Society of Motion Picture and Television Engineers - SMPTE is a trademark of Society of Motion Picture and Television Engineers.
All other trademarks are the property of their respective owners.
