Config - Firewall Ports Configuration

Modified on Wed, 21 May at 3:08 PM

This guide walks you through configuring the necessary firewall and port settings for proper communication between the Softdrive Remote Desktop Client and Server.

1. Overview

Softdrive uses a combination of UDP and TCP ports for secure communication between its client and server applications. Both ends must have appropriate firewall rules to ensure connectivity.

2. Security and Encryption

All traffic is encrypted using secure protocols:

Transport	Protocol	Encryption Method	Cipher
TCP	TLS	Pre-Shared Key	ChaCha20-Poly1305
TCP	HTTPS	Certificate-Based	AES
UDP	SRTP	Pre-Shared Key	AES

3. Server Configuration

Ensure the following firewall rules are applied on the server:

Protocol	Direction	Port Range	Description
UDP	Inbound	9250–9254	Softstream application data (SRTP + AES)
TCP	Inbound	9260	Softstream application data (TLS + ChaCha)
TCP	Inbound	Ephemeral (OS default)	Communications with Softnet (HTTPS)
UDP	Outbound	58000–59000	Sends data to client

Add SoftdriveServer.exe to the Windows Firewall as allowed.

4. Client Configuration

Apply the following firewall rules on the client:

Protocol	Direction	Port Range	Description
UDP	Outbound	9250–9254	Sends data to server
TCP	Outbound	9260	Softstream application data (TLS + ChaCha)
TCP	Outbound	443	Communications with Softnet (HTTPS)
UDP	Inbound	58000–59000	Receives data from server

Add SoftdriveClient.exe to the Windows Firewall as allowed.

5. Testing Connectivity

After configuring the firewall:

Verify that the client can connect to the remote session.
Use tools like Test-NetConnection or telnet to validate TCP connectivity.
Use packet capture (Wireshark) to verify encrypted traffic over correct ports.

Final Notes

Ephemeral ports are assigned dynamically by the OS and must be open for responses.
All communication is encrypted for confidentiality and integrity.
Always test with the firewall enabled to confirm ports are functioning correctly.