Configure hosted cache mode firewall rules

Updated: October 7, 2009

Applies To: Windows 7, Windows Server 2008 R2

You can use the information in this topic to configure third-party firewall products, and to manually configure a client computer or a hosted cache server in a branch office with firewall rules that allow BranchCache to run in hosted cache mode.

Note

  • If you have configured BranchCache client computers using Group Policy, the Group Policy settings override any manual configuration of client computers to which the policies are applied.

  • If you have deployed BranchCache with DirectAccess, you can use the settings in this topic to configure IPsec rules to allow BranchCache traffic.

  • Membership in Administrators, or equivalent, is the minimum required to perform firewall configuration changes.

[MS-PCCRR]: Peer Content Caching and Retrieval: Retrieval Protocol

Hosted Cache clients must allow inbound and outbound MS-PCCRR traffic, which is carried in the HTTP 1.1 protocol as documented in Request for Comments (RFC) 2616.

Firewall settings must allow inbound, outbound, and program traffic. You can use the following settings to configure firewall exceptions for hosted cache mode.

Inbound traffic: Local port: 80, Remote port: ephemeral

Outbound traffic: Local port: ephemeral, Remote port: 80

[MS-PCHC]: Peer Content Caching and Retrieval: Hosted Cache Protocol

Hosted Cache clients must allow inbound and outbound MS-PCHC traffic, which is carried in the HTTP 1.1 over TLS (HTTPS) protocol as documented in Request for Comments (RFC) 2818.

Firewall settings must enable outbound traffic. You can use the following settings to configure firewall exceptions for hosted cache mode.

Outbound traffic: Local port: ephemeral, Remote port: 443
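The port settings above can be applied manually on a client computer with Windows Firewall with Advanced Security. The following batch script is an added example, not part of the original topic. The rule names, the hosted cache server address (192.0.2.10), the restriction of each rule to that address, and the use of the domain profile are all assumptions made for illustration.

```bat
@echo off
rem Added example: hosted cache mode firewall exceptions on a BranchCache client.
rem Run from an elevated command prompt (Administrators membership is required).
rem HC_IP and the rule names are constructed placeholders, not values from the topic.
rem "Ephemeral" in the topic is expressed here as port=any on the ephemeral side.
setlocal
set HC_IP=192.0.2.10
set P=BC-Example

rem Remove earlier copies so that re-running the script does not stack duplicates.
for %%R in ("%P% PCCRR In" "%P% PCCRR Out" "%P% PCHC Out") do (
    netsh advfirewall firewall delete rule name=%%R >nul 2>&1
)

rem MS-PCCRR (HTTP), inbound: local port 80, remote port ephemeral.
rem Assumption: only the hosted cache server needs to reach this client on port 80.
netsh advfirewall firewall add rule name="%P% PCCRR In" dir=in action=allow ^
    protocol=TCP localport=80 remoteport=any remoteip=%HC_IP% profile=domain ^
    || goto :fail

rem MS-PCCRR (HTTP), outbound: local port ephemeral, remote port 80.
netsh advfirewall firewall add rule name="%P% PCCRR Out" dir=out action=allow ^
    protocol=TCP localport=any remoteport=80 remoteip=%HC_IP% profile=domain ^
    || goto :fail

rem MS-PCHC (HTTPS), outbound only: local port ephemeral, remote port 443.
netsh advfirewall firewall add rule name="%P% PCHC Out" dir=out action=allow ^
    protocol=TCP localport=any remoteport=443 remoteip=%HC_IP% profile=domain ^
    || goto :fail

rem Print the rules so the ports, direction, and scope can be reviewed.
for %%R in ("%P% PCCRR In" "%P% PCCRR Out" "%P% PCHC Out") do (
    netsh advfirewall firewall show rule name=%%R verbose
)
exit /b 0

:fail
echo Failed to add a BranchCache firewall rule. Check that the prompt is elevated. 1>&2
exit /b 1
```

If Group Policy applies BranchCache firewall settings to the computer, those settings override rules created this way, as described in the note at the top of this topic.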