Unselected TabHomeUnselected TabSelected TabSelf ServiceSelected TabUnselected TabRequest SupportUnselected TabUnselected TabMy SupportUnselected TabWelcome Guest. Sign in | Exit
Knowledge Base | Glossary | Troubleshooter

Knowledge Base
Elluminate Knowledge Base > Connection Problems >

How do I configure a Personal Firewall / Router for my Elluminate session?

Configure your Personal Firewall:

When using Elluminate Live!, you may need to configure or confirm settings in your Personal Firewall. We have included information for the several popular firewall applications. If the personal firewall application you are using is not in the list, see the General Tips below.

General Tips:

If your Personal Firewall is not listed in the above, here are a few general steps that you can use to configure your firewall.

1. You will need to allow Java Web Start (javaws.exe) access to the internet — this may require both inbound and outbound connections.

2. Elluminate Live! may require access separately — you will need to allow this on both inbound and outbound connections as well.

3. You may be prompted to allow IeEmbed access to the internet when conducting a Web Tour.

Configure your Personal Router:

Since most routers (for both wireless and wired connections) are shipped with a firewall enabled, you may have to configure them to allow Elluminate Live! traffic through. You may need to do this by allowing access on the specified ports, allowing access to the previously specified application or allowing access to hosts listed below. Configuration differs between routers so we advise checking the manual the shipped with your router and using the following information as supplement.

 Since Elluminate uses dynamic server assignment, it is not possible to state in advance precisely which server will host a session. This means the IP Address is known only when the session actually starts. As a result, please ensure firewalls (and proxy systems) allow access to the entire set of Elluminate hosts in the domain elluminate.com and to the following IP Address ranges:

  • 216.220.49.208 with netmask 255.255.255.240 (in CIDR notation: 216.220.49.208/28)
  • 65.110.166.160 with netmask 255.255.255.224 (in CIDR notation: 65.110.166.160/27)
  • 74.200.25.224 with netmask 255.255.255.224 (in CIDR notation 74.200.25.224/27)

Enabling access to both of the address blocks listed will reduce the impact of any configuration changes that Elluminate might make.

Elluminate Live! connects on one of two ports 2187 or 80 for unencrypted sessions; when session encryption is used, port 443 is used instead of 2187.  We need to establish a connection on one of these two ports.  Once this connection has been made it will remain open and transfer all communication which is a proprietary protocol called the Collaborative Communication Framework (CCF), which is layered on a TCP transport protocol.

Please Note - If you are using a Hosted Elluminate Live! Manager instance you will be unable to connect to an Elluminate Live! session on port 80 because that port is being used for web traffic. You will be required to open port 2187 so that you can establish a connection and transfer all communication using the CCF protocol.  

This would also be true if you have installed your Elluminate Live! Manager server on the same machine as your Elluminate Live! Server because by default your Elluminate Live!  Manager server is installed to listen for web traffic on port 80 and therefore can’t establish an Elluminate Live! connection on that port.   

Firewall and web content filters must allow the download of both JNLP files (or content types) and JAVA application archive (JAR) files. The desktop client system must be configured to allow the download, installation, and execution of JAVA network applications. In addition, the end user must have these permission.

Please Note: 

·         Only authorized clients may connect to an Elluminate Live! Server

·         The connection is always initiated from the client

·         After connection, only the Elluminate Live! server will send data to the client

Additionally, we recommend disabling SPI (Stateful Packet Inspection) as it tends to interfere with out communication protocol. Lastly, if all else fails, you can try specifying the connecting machine as DMZ (Demilitarized zone).

If you have any further questions, please contact us for support.  Thank you.

-Technical Support

 

Was this answer helpful? Yes No

Related Topics

How do I configure my McAfee Firewall for my Elluminate session?

How do I configure my Norton Personal Firewall for my Elluminate session?

What changes must be made to my firewall to allow Java Web Start to download JAR files?


Topic Information
Topic #: 2410-123
Date Created: 10/10/2005
Last Modified Since: 1/2/2010
Viewed: 114

Subscribe To Topic Subscribe

Print Topic Print Topic

Email this topic Email this topic

Back Back






Help Desk and Customer Support Software by Parature