Firewall

From ActiveWiki
(Redirected from Firewalls)
Jump to navigation Jump to search

A firewall is a software or hardware that restrict access into and out of a network. Most home routers and corporate networks have firewalls installed for added security.

Background

Since firewalls block the vast majority of internet traffic, in the past they have often prevented the Active Worlds browser from being able to contact the Active Worlds server, and thus prevented users who are on firewall networks from accessing Active Worlds at all. This has been a particularly common problem in corporate environments.

Many home and corporate networks also use proxy servers. A proxy server is a computer on a network that all other computers on that network must communicate through in order to access the outside Internet. If a computer on a proxied network attempts to access the Internet directly it will be blocked. By requiring all computers on a network to go through a single server, a proxy server creates a single point of control for Internet traffic on that network and provides additional security as a result. Proxy servers also often provide a service called NAT or "Network Address Translation", which allows multiple computers to share a single Internet connection.

Workarounds

Introduced in version 3.2

The Active Worlds browser can tunnel through a firewall and/or proxy server in order to contact the Active Worlds servers. It does this by using TCP port 443, also known as the SSL port. This is the same mechanism used by web browsers when accessing secure web sites (i.e. URLs beginning with "https://"). Since most people would like to be able to access secure web sites, even people on corporate networks, most firewalls allow applications to send data to the Internet over port 443. The Active Worlds browser takes advantage of this by, in effect, pretending to be a web browser accessing a secure web site, in order to gain access to the outside Internet and make contact with the Active Worlds servers.

Configuration

The first time you launch a new installation of Active Worlds, you will see an "Internet Configuration" dialog box where you can indicate the kind of connection you have to the Internet. There is an "automatic configuration" button, which allows the browser to automatically detect and use several kinds of standard Internet connection types. Consult your system administrator if you are not sure what type of Internet connection you have.

File transfers

The File Transfer function requires unrestricted access on TCP port 3000 by default. When a file transfer is initiated between two users, the receiver's computer opens a TCP connection on port 3000 back to the sender's computer in order to receive the file. If the sender is behind a firewall or proxy server, inbound connections on TCP port 3000 to the sender's computer must be allowed or the transfer will not succeed. Since this is an "inbound" TCP connection, the firewall changes made in Active Worlds version 3.2 won't help.

If necessary, you can change the TCP port used by your browser when sending files to another user (note that you cannot change the port used when other people are sending files to you.) To change the port, add a "port=" entry under the [transfer] section of the aworld.ini file. For example, to change the file transfer TCP port to 877, your world.ini file should contain the following entries:

[transfer] port=877

Be sure to make a backup copy of your aworld.ini file before attempting to make any changes to it, as this file is essential for your Active Worlds browser to work.