Microsoft KB Archive/907740

= How to use Groove through a firewall =

Article ID: 907740

Article Last Modified on 11/20/2007

-

APPLIES TO


 * Groove Virtual Office 3.0 File Sharing Edition
 * Groove Virtual Office 3.0 Professional Edition
 * Groove Virtual Office 3.0 Project Edition
 * Groove Virtual Office 3.1 File Sharing Edition
 * Groove Virtual Office 3.1 Professional Edition
 * Groove Virtual Office 3.1 Project Edition
 * Microsoft Office Groove 2007

-



INTRODUCTION
This article describes how to use Microsoft Office Groove 2007 or earlier versions of Groove though a firewall. Additionally, this article discusses which ports and resources Groove requires and which ports enable Groove to work most efficiently.



MORE INFORMATION
Firewalls are designed to limit the access into and out of a network. If a blocking firewall is not in the path between two devices that interact with Groove, Groove uses Simple Symmetric Transport Protocol (SSTP) over TCP/IP to exchange data. Because most companies configure firewalls to allow employees to access the Web, Groove takes advantage of this existing configuration to send and receive information when Groove cannot make direct connections over SSTP. This technique is known as HTTP tunneling.

Groove operates most efficiently if users can establish direct connections by using SSTP over TCP/IP. Firewalls may be configured in many different ways. These configurations determine the types of packets that a firewall allows from behind the firewall to the Internet and the types of packets that the firewall allows from the Internet to behind the firewall. If a computer that is running Groove is behind a proxy or a firewall that only allows outgoing connections, Groove will use an HTTP or SSL connection to a Groove relay server so that communication is still possible. This HTTP or SSL connection to a Groove relay server will work even between two sites that are behind a proxy or a firewall that only allows outgoing connections.

Groove can use additional transport types that work through some firewalls and proxies at less of a performance cost than a standard HTTP connection. Groove uses the following other connection types:
 * HTIP/SSL connections that use a Secure Sockets Layer (SSL) proxy to connect to the relay server through port 443
 * SOCKS connections that use a SOCKS proxy to connect to the relay server through port 2492
 * HTTP connections that use various mechanisms to maintain the TCP connection for multiple operations

If your company wants to configure your firewall to allow Groove communications, open outgoing TCP connections on ports 80 and 443 for HTTP and SSL. These ports may already be open for other Web sites. For best performance, also allow incoming and outgoing TCP connections on port 2492 for SSTP. SSTP is the native peer-to-peer protocol for Groove.

Additional query words: TCN-00189 TCN-00505 Groove2007

Keywords: kbinfo kbexpertiseadvanced KB907740

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.