Questions regarding Devolutions Server and Gateway communication
Hello,
we've recently setup a Devolutions Gateway on a remote site and we've got a few questions about how the Devolutions Server actually communicates with the gateway.
In the gateway documentation found here: https://docs.devolutions.net/gateway/overview/system-requirements/system-requirements-dvls/
It says:
"The default port for HTTP(s) communication with the gateway is 7171, while the default port for TCP communication is 8181. These ports should be open and not blocked by firewalls to allow proper communication."
Question 1: The graph above that line shows that the Devolutions Server only communicates on port 7171 outgoing to the gateway. So I would assume that my firewall rule for Devolutions Server and Gateway communication doesn't need port 8181 outgoing allowed right?
Question 2: I know that when using the Remote Desktop Manager and connecting to, for example an RDP session via a gateway its the client running RDM that opens the connection.
However when I use the WebUI of the Devolutions Server to connect to a RDP Session via a gateway does my client running the Browser/WebUI initiate the connection or is it the Devolutions Server that connects to the remote gateway?
Best regards,
Lennart
Recommended Answer
Hello Lennart,
Question 1: The graph above that line shows that the Devolutions Server only communicates on port 7171 outgoing to the gateway. So I would assume that my firewall rule for Devolutions Server and Gateway communication doesn't need port 8181 outgoing allowed right?
That is correct. This port is used by native clients (in RDM) that only understand how to communicate using TCP, and you don’t have to allow Devolutions Server to use it.
Side note: we also plan to add a feature where the TCP listener is completely optional even for RDM at the cost of a small performance penalty.
Question 2: I know that when using the Remote Desktop Manager and connecting to, for example an RDP session via a gateway its the client running RDM that opens the connection.
However when I use the WebUI of the Devolutions Server to connect to a RDP Session via a gateway does my client running the Browser/WebUI initiate the connection or is it the Devolutions Server that connects to the remote gateway?
It is the client running the browser; everything is happening locally and Devolutions Server is only serving the web page.
Best regards,
Benoit Cortier
All Comments (2)
Hello Lennart,
Question 1: The graph above that line shows that the Devolutions Server only communicates on port 7171 outgoing to the gateway. So I would assume that my firewall rule for Devolutions Server and Gateway communication doesn't need port 8181 outgoing allowed right?
That is correct. This port is used by native clients (in RDM) that only understand how to communicate using TCP, and you don’t have to allow Devolutions Server to use it.
Side note: we also plan to add a feature where the TCP listener is completely optional even for RDM at the cost of a small performance penalty.
Question 2: I know that when using the Remote Desktop Manager and connecting to, for example an RDP session via a gateway its the client running RDM that opens the connection.
However when I use the WebUI of the Devolutions Server to connect to a RDP Session via a gateway does my client running the Browser/WebUI initiate the connection or is it the Devolutions Server that connects to the remote gateway?
It is the client running the browser; everything is happening locally and Devolutions Server is only serving the web page.
Best regards,
Benoit Cortier
Hello Lennart,
Question 1: The graph above that line shows that the Devolutions Server only communicates on port 7171 outgoing to the gateway. So I would assume that my firewall rule for Devolutions Server and Gateway communication doesn't need port 8181 outgoing allowed right?
That is correct. This port is used by native clients (in RDM) that only understand how to communicate using TCP, and you don’t have to allow Devolutions Server to use it.
Side note: we also plan to add a feature where the TCP listener is completely optional even for RDM at the cost of a small performance penalty.
Question 2: I know that when using the Remote Desktop Manager and connecting to, for example an RDP session via a gateway its the client running RDM that opens the connection.
However when I use the WebUI of the Devolutions Server to connect to a RDP Session via a gateway does my client running the Browser/WebUI initiate the connection or is it the Devolutions Server that connects to the remote gateway?
It is the client running the browser; everything is happening locally and Devolutions Server is only serving the web page.
Best regards,
@Benoit Cortier
Thank you for the clarification and fast response. That really helps us with planning our future gateway rollouts and confirms our understanding of the required firewall configuration.