There may be various firewalls in between the JetStream server and clients. Exceptions or other rules may need to be added to the firewalls protecting the server to allow clients to connect. Typically this means opening and possibly forwarding port
8886 (both TCP and UDP). See JetStream Primer for a list of ports potentially used by the server.
The OS on the machine hosting the JetStream may be running a software firewall. The following are the most common default firewalls.
By default, the CentOS 7 firewall firewalld is enabled. To allow connection to the JetStream server, you will need to configure or disable the firewall. For instance:
- Allow port 8886 through the firewall:
# sudo firewall-cmd --permanent --zone=public --add-port=8886/tcp --add-port=8886/udp # sudo systemctl restart firewalld
- Disable the firewall:
# sudo systemctl stop firewalld # sudo systemctl disable firewalld
By default, the Ubuntu firewall ufw is disabled. If you choose to enable it, then you will need to configure it to allow connections to the JetStream server. For instance:
# sudo ufw allow 8886
By default, the macOS firewall is disabled. It can be configured by navigating to Automatically allow downloaded signed software to receive incoming connections should allow connections to the JetStream server. If this option is off, or JetStream is blocked for any reason, then an exception can be added by selecting jetstream from the presented list:. When enabled, the default setting
By default, the Windows firewall is enabled. The JetStream installation automatically adds an exception to allow connections to the JetStream server.
To adjust the firewall configuration, navigate to.
To allow clients to connect to the JetStream server from an external network, any external firewalls between the server and the internet will need to be configured. Typical configuration tasks include:
- Port Forwarding: Allow ports
8886/udpto be redirected to the JetStream server.
- Deep Packet Inspection: Some enterprise firewalls provide “Deep Packet Inspection” or “Layer 7 Scanning” options that can block JetStream traffic. These systems can miscategorize JetStream network traffic and therefore block it, sometimes after many hours of operation. In these cases, add an exception according to the firewall documentation.