Before you install FotoWeb

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

This topic details network requirements and other settings that you need to consider before setting up FotoWeb on a server.

System requirements

Make sure the server meets the system requirements.

Required ports

Your server must be configured to allow connections on the following ports:

Protocol	Port(s)	Affected servers	Details
Fotoware client-server communications	TCP 7000 / 7001	All Fotoware servers that run the Operations Center	TCP port 7000 (unencrypted) or 7001 (TLS, recommended) must be opened if system administrators need to access the Operations Center to configure the server applications. This port is also used for communications between Fotoware server applications; for example, FotoWeb uses it to connect to indexes that have been created on the Index Manager server. By default, the secure communications port (TLS) uses a self-signed certificate and is open for communications on port 7001. For more information, see Securing Fotoware protocol communications using SSL. If the FotoWeb server is placed in a DMZ, you must use this port for administrators on your internal network.
Communications between Index Manager and FotoWeb.	TCP 7200	FotoWeb	This port must be closed. Note: If this port is open for access from an external network, such as the Internet, it poses a serious security liability. However, Index Manager pushes metadata to the FotoWeb server. If Index Manager and FotoWeb run on different servers, the FotoWeb server's firewall must allow incoming connections on port 7200. For more information, see Configuring Index Manager to deliver metadata to FotoWeb.
Fotoware log server	UDP 7000	FotoWeb	As stated in the system requirements, FotoWeb communicates with the Fotoware Log Server using UDP port 7000. You should, therefore, make sure that no other services on the server claim this port and interrupt the logging service. Microsoft's DNS server can typically interfere with this port since it can be configured to use an arbitrary port. Therefore, if you are using Microsoft's DNS server, you should ensure it has been explicitly set to not allow connections on UDP port 7000.

Protocol

Port(s)

Affected servers

Details

Fotoware client-server communications

TCP 7000 / 7001

All Fotoware servers that run the Operations Center

TCP port 7000 (unencrypted) or 7001 (TLS, recommended) must be opened if system administrators need to access the Operations Center to configure the server applications. This port is also used for communications between Fotoware server applications; for example, FotoWeb uses it to connect to indexes that have been created on the Index Manager server.

By default, the secure communications port (TLS) uses a self-signed certificate and is open for communications on port 7001. For more information, see Securing Fotoware protocol communications using SSL.

If the FotoWeb server is placed in a DMZ, you must use this port for administrators on your internal network.

Communications between Index Manager and FotoWeb.

TCP 7200

FotoWeb

This port must be closed.
Note: If this port is open for access from an external network, such as the Internet, it poses a serious security liability.

However, Index Manager pushes metadata to the FotoWeb server. If Index Manager and FotoWeb run on different servers, the FotoWeb server's firewall must allow incoming connections on port 7200.

For more information, see Configuring Index Manager to deliver metadata to FotoWeb.

Fotoware log server

UDP 7000

FotoWeb

As stated in the system requirements, FotoWeb communicates with the Fotoware Log Server using UDP port 7000. You should, therefore, make sure that no other services on the server claim this port and interrupt the logging service. Microsoft's DNS server can typically interfere with this port since it can be configured to use an arbitrary port. Therefore, if you are using Microsoft's DNS server, you should ensure it has been explicitly set to not allow connections on UDP port 7000.