Last active
February 27, 2026 21:41
-
-
Save divideby0/5072f8182767277e943169c3cdb11938 to your computer and use it in GitHub Desktop.
Windows Firewall rules for CloudXR 6.0 streaming + OpenSSH
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -RunAsAdministrator | |
| <# | |
| .SYNOPSIS | |
| Opens Windows Firewall ports for CloudXR 6.0 streaming and OpenSSH. | |
| .DESCRIPTION | |
| Configures inbound/outbound rules for NVIDIA CloudXR 6.0 (Omniverse | |
| spatial streaming to Apple Vision Pro / iPad) and OpenSSH Server. | |
| Port reference: https://docs.omniverse.nvidia.com/avp/latest/setup-network.html | |
| .NOTES | |
| Run from an elevated PowerShell prompt. | |
| #> | |
| $ErrorActionPreference = "Stop" | |
| $rules = @( | |
| # OpenSSH Server | |
| @{ Name = "OpenSSH Server (TCP 22)"; Direction = "Inbound"; Protocol = "TCP"; Port = "22" } | |
| # Omniverse Kit HTTP service | |
| @{ Name = "Omniverse Kit HTTP (TCP 8111)"; Direction = "Inbound"; Protocol = "TCP"; Port = "8111" } | |
| # CloudXR RTSP discovery | |
| @{ Name = "CloudXR RTSP Discovery (TCP 40810)"; Direction = "Inbound"; Protocol = "TCP"; Port = "40810" } | |
| # CloudXR Connect | |
| @{ Name = "CloudXR Connect In (TCP 48010)"; Direction = "Inbound"; Protocol = "TCP"; Port = "48010" } | |
| @{ Name = "CloudXR Connect Out (TCP 49007)"; Direction = "Outbound"; Protocol = "TCP"; Port = "49007" } | |
| # CloudXR Video | |
| @{ Name = "CloudXR Video In (UDP)"; Direction = "Inbound"; Protocol = "UDP"; Port = "47998,48005,48008,48012" } | |
| @{ Name = "CloudXR Video Out (UDP)"; Direction = "Outbound"; Protocol = "UDP"; Port = "49005,50000-55000" } | |
| # CloudXR Input | |
| @{ Name = "CloudXR Input In (UDP 47999)"; Direction = "Inbound"; Protocol = "UDP"; Port = "47999" } | |
| @{ Name = "CloudXR Input Out (UDP 49006)"; Direction = "Outbound"; Protocol = "UDP"; Port = "49006" } | |
| # CloudXR Audio | |
| @{ Name = "CloudXR Audio In (UDP 48000)"; Direction = "Inbound"; Protocol = "UDP"; Port = "48000" } | |
| @{ Name = "CloudXR Audio Out (UDP 49003)"; Direction = "Outbound"; Protocol = "UDP"; Port = "49003" } | |
| # CloudXR Mic | |
| @{ Name = "CloudXR Mic In (UDP 48002)"; Direction = "Inbound"; Protocol = "UDP"; Port = "48002" } | |
| @{ Name = "CloudXR Mic Out (UDP 49004)"; Direction = "Outbound"; Protocol = "UDP"; Port = "49004" } | |
| ) | |
| foreach ($r in $rules) { | |
| $existing = Get-NetFirewallRule -DisplayName $r.Name -ErrorAction SilentlyContinue | |
| if ($existing) { | |
| Write-Host " SKIP $($r.Name) (already exists)" -ForegroundColor Yellow | |
| } else { | |
| New-NetFirewallRule ` | |
| -DisplayName $r.Name ` | |
| -Direction $r.Direction ` | |
| -Protocol $r.Protocol ` | |
| -LocalPort $r.Port ` | |
| -Action Allow ` | |
| -Profile Any | Out-Null | |
| Write-Host " ADD $($r.Name)" -ForegroundColor Green | |
| } | |
| } | |
| Write-Host "`nDone. All CloudXR and SSH firewall rules configured." -ForegroundColor Cyan |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Test connectivity to CloudXR 6.0 + SSH ports on a Windows workstation. | |
| # Run from macOS: ./test-ports.sh <ip-address> | |
| # | |
| set -euo pipefail | |
| HOST="${1:-}" | |
| TIMEOUT=2 | |
| if [[ -z "$HOST" ]]; then | |
| echo "Usage: ./test-ports.sh <ip-address>" | |
| echo "Example: ./test-ports.sh 192.168.50.29" | |
| exit 1 | |
| fi | |
| pass=0 | |
| fail=0 | |
| test_tcp() { | |
| local port=$1 label=$2 | |
| if nc -z -w "$TIMEOUT" "$HOST" "$port" 2>/dev/null; then | |
| printf " \033[32mOPEN\033[0m TCP %-6s %s\n" "$port" "$label" | |
| ((pass++)) | |
| else | |
| printf " \033[31mFAIL\033[0m TCP %-6s %s\n" "$port" "$label" | |
| ((fail++)) | |
| fi | |
| } | |
| test_udp() { | |
| local port=$1 label=$2 | |
| # UDP is connectionless — nc -zu sends a probe but can only detect | |
| # explicit ICMP rejection. No rejection = "open or filtered". | |
| if nc -z -u -w "$TIMEOUT" "$HOST" "$port" 2>/dev/null; then | |
| printf " \033[33mOPEN?\033[0m UDP %-6s %s (open or filtered)\n" "$port" "$label" | |
| else | |
| printf " \033[31mFAIL\033[0m UDP %-6s %s (rejected)\n" "$port" "$label" | |
| ((fail++)) | |
| fi | |
| } | |
| echo "" | |
| echo "Testing ports on $HOST ..." | |
| echo "" | |
| echo "--- TCP ---" | |
| test_tcp 22 "OpenSSH" | |
| test_tcp 8111 "Omniverse Kit HTTP" | |
| test_tcp 40810 "CloudXR RTSP Discovery" | |
| test_tcp 48010 "CloudXR Connect" | |
| echo "" | |
| echo "--- UDP (best-effort, open/filtered is normal) ---" | |
| test_udp 47998 "CloudXR Video" | |
| test_udp 47999 "CloudXR Input" | |
| test_udp 48000 "CloudXR Audio" | |
| test_udp 48002 "CloudXR Mic" | |
| test_udp 48005 "CloudXR Video" | |
| test_udp 48008 "CloudXR Video" | |
| test_udp 48012 "CloudXR Video" | |
| echo "" | |
| echo "--- Summary ---" | |
| echo " TCP passed: $pass" | |
| [[ $fail -gt 0 ]] && echo " Failed: $fail" || echo " All checks passed." | |
| echo "" | |
| echo "Note: UDP shows 'OPEN?' when no rejection received — this is expected" | |
| echo "when the firewall allows the port. True UDP verification requires the" | |
| echo "CloudXR server to be running." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment