Warning: This information is only for encoders running version 8.5 and above.
Encoders running version 8.5 and above will always run with a firewall enabled.
By default:
Unless listed in the table below, the firewall blocks all INCOMING and OUTGOING traffic.
Any cellular connection is always limited to the ports required to connect to the network and then connect to EdgeVis Server, and never has any open listening port.
You have the option to enable a Strict mode on the firewall that disables more ports on the secondary services on your encoder.
Table of open firewall ports
Note: Entries coloured in red below signify which services will be blocked if you enable Strict mode - regardless of your encoder's functional configuration.
Description | Rule & Port | LAN Default | LAN Strict | Wi-Fi Default | Wi-Fi Strict | 4G |
Server comms | Out | Y | Y | Y | Y | Y |
DHCP Client | Out | Y | Y | Y | Y | Y |
DNS Client | Out | Y | Y | Y | Y | Y |
ONVIF + RTSP Client ($) | Out | Y | Y | N | N | N |
ONVIF Discovery | Both | Y | Y | N | N | N |
Local Web Server (#) | In 80 TCP | Y | Y | Y | Y | N |
Local Web Server (#) | In | Y | Y | Y | Y | N |
Local Viewer Discovery | In | Y | N | Y | N | N |
Ping Server | In | Y | N | Y | N | N |
NTP Server (*) | In | Y | N | Y | N | N |
RTSP Server (*) | In | Y | N | Y | N | N |
RTSP Server (*) | Out | Y | N | Y | N | N |
DHCP Server Allocates addresses to devices attached to the Wi-Fi network. | In | N | N | Y | Y | N |
DNS Server Serves up one address to the Wi-Fi network. | In | N | N | Y | Y | N |
Ping Client Pings a device on the network. Used to test ONVIF camera. | In | Y | Y | Y | Y | N |
SFTP Server (*) A server that allows video clips to be downloaded. | In 22 TCP | Y | N | Y | N | N |
FTP Client (*) | Out | Y | N | Y | N | N |
Local HTTP Proxy HTTP proxy allowing user to connect to camera web pages via the encoder web. | In 48560-48575 TCP | Y | N | N | N | N |
(#) - The web server can be disabled and these ports will be blocked.
(*) - These services are disabled by default. It is not possible to use these services on different ports, so all external services must use the default port setting.
($) - These ports are the default for ONVIF and RTSP - if specified by the user, non-standard ports are also supported and will be automatically opened by the firewall.
Y = Available.
N = Blocked.