Before you install FotoWeb
This topic details network requirements and other settings that you need to consider before setting up FotoWeb on a server.
System requirements
Make sure the server meets the system requirements.
Required ports
Your server will have to be configured to allow connections on the following ports:
Protocol |
Port(s) |
Affected servers |
Details |
---|---|---|---|
FotoWare client-server communications |
TCP 7000 / 7001 |
All FotoWare servers that run the Operations Center |
TCP port 7000 (unencrypted) or 7001 (TLS, recommended) must be opened if system administrators need to access the Operations Centerto configure the server applications. This port is also used for communications between FotoWare server applications; for example FotoWeb uses it to connect to indexes that have been created on the Index Manager server. By default the secure communications port (TLS) uses a self-signed certificate and is open for communications on port 7001. Learn more about securing FotoWare protocol communications using SSL in the Operations Center guide. If the FotoWeb server is placed in a DMZ, you will have to this port for administrators on your internal network. |
Communications between Index Manager and FotoWeb. |
TCP 7200 |
FotoWeb |
Index Manager pushes metadata to the FotoWeb server. If Index Manager and FotoWeb run on different servers, the firewall on the FotoWeb server must allow incoming connections on port 7200. TCP port 7200 must NOT be open for access from an external network. Making this port publicly available, for instance from the Internet, poses a SERIOUS security liability. |
FotoWare log server |
UDP 7000 | FotoWeb |
As stated in the system requirements, FotoWeb communicates with the FotoWare Log Server using UDP port 7000. You should therefore make sure that no other services on the server claim this port and interrupt the logging service. Microsoft's DNS server can typically interfere with this port since it can be configured to use an arbitrary port. Hence, if you are using Microsoft's DNS server, you should make sure that it has been explicitly set not to not allow connections on UDP port 7000. |