This Tech Note describes how to make a Timbuktu Pro connection through a firewall
Users cannot make some or any of the Timbuktu Pro connections via TCP/IP across different networks, or across the Internet.
For security reasons, network managers on TCP/IP networks usually want to restrict external access to their networks. Most of the time they will only open TCP/UDP ports for Telnet, FTP and some other common services. To do that, they will configure their IP routers (sometimes referred to as gateways) to filter out access to different ports. These filters are called "firewalls." TCP/IP security firewalls may be configured in a way that does not allow Timbuktu Pro connections. In order for Timbuktu Pro to access this kind of network, the network manager must open certain TCP/UDP ports which Timbuktu Pro requires.
Timbuktu Pro 2000 uses a well-defined UDP Port -- 407 for connection handshaking. Once the UDP connection is established, then Timbuktu Pro uses TCP ports for each of the eight types of Timbuktu sessions.
Timbuktu Pro UDP Ports Connection (handshaking) - UDP Port 407
These ports are used during access by Guests, Ask for Permission visitors, and Trusted Users with valid user accounts and passwords on Timbuktu Pro hosts. Any or all of these ports can be firewalled to ensure security from unauthorized users. Some network managers will firewall all ports but allow the ability for a connection to be established to UDP Port 407. This allows anyone on the Internet to send files via Timbuktu Pro.
Timbuktu Pro also supports attended access from temporary guests where the host's user admits the guest on a one-time basis without requiring a password. Timbuktu Pro defaults to using a dynamic port assignment for this type of connection thereby bypassing the firewall on the static ports.
Registered port numbers are used only by computers receiving a connection. Users who initiate connections are using dynamic port numbers. A dynamic TCP port is negotiated by the two computers involved in a Timbuktu Pro connection. Dynamic ports usually have numbers greater than Port 1023. If these dynamic ports are firewalled, Timbuktu Pro will not be able to complete a TCP/IP connection.
The network manager will need to re-configure the firewall permissions to permit TCP and UDP port assignments. Please refer to our guide on how to connect through a router running network address translation: How to connect to a system behind a router running Network Address Translation (NAT).