The following information is provided by our Cloud Video Services provider.
For the best results on video calls using the SIP protocol, the following ports should be opened on the Firewall:
A) General firewall rules (recommended)
We recommend using general firewall rules that allow for outgoing traffic, as shown in the table below. This will always work in all regions as well as for future upgrades of our infrastructure. Please supply your network administrator with these details.
We also recommend to turn off any SIP and H.323 application gateways that may be enabled in the firewall.
A. 1) Service network
The following ports need to be open in order for us to provision and service your terminals and soft clients.
REQUIRED | SERVICE | HOST | TRANSPORT | PORTS | RULE |
---|---|---|---|---|---|
Mandatory | Provisioning and Phone book | ANY | TCP | 80, 389, 443 | Outgoing, established |
A. 2) Calling network
Rules to allow call signaling and media to flow through. Only traffic initiated from the inside is to be allowed.
REQUIRED | SERVICE | HOST | TRANSPORT | PORTS | RULE |
---|---|---|---|---|---|
Mandatory | Call signaling | ANY | TCP | 1720, 2776, 2777, 5060, 5061 | Outgoing, established |
Mandatory | Call media | ANY | UDP | 10000-65535 | Outgoing, established |
A. 3) Extra services
These rules are optional, open these for a better service experience.
REQUIRED | SERVICE | HOST | TRANSPORT | PORTS | RULE |
---|---|---|---|---|---|
Recommended | Network Time Protocol | ANY | UDP | 123 | Outgoing, established |
Recommended | SNMP Traps | ANY | UDP | 162 | Outgoing, established |
Alternative rules, limited hosts/networks to open in your firewall.
B) Scoped down firewall rules
Some security policies may require limiting the list of IP addresses. If this is the case, the following networks should be opened up in your firewall. We recommend opening for the Global network, as this has presence in Europe, the US and most of Asia. However, if your office is located in Saudi Arabia or greater China, we recommend that you open up these networks in addition.
Note that the video servers on these IP addresses work as application layer gateways, and only relay audio/video traffic, so trusting these IP addresses should be safe from a security point of view.
B. 1) Service network (Avizia Cloud specific)
REQUIRED | SERVICE | HOST | TRANSPORT | PORTS | RULE |
---|---|---|---|---|---|
Mandatory | Provisioning and Phone book | 46.137.184.162 | TCP | 80, 389, 443 | Outgoing, established |
B. 2) Calling network (Avizia Cloud specific)
You must open for at least one of regions below. For most customers Global will do, unless located in greater China or Saudi Arabia.
REQUIRED | REGION | NETWORK | NETMASK |
---|---|---|---|
Mandatory (for all customers) |
Global (all 5 segments) |
176.121.88.0 | 255.255.248.0 (/21) |
91.240.204.0 | 255.255.252.0 (/22) | ||
91.240.195.0 | 255.255.255.0 (/24) | ||
185.94.240.0 | 255.255.252.0 (/22) | ||
185.124.96.0 | 255.255.252.0 (/22) | ||
Required for region | Southern Africa | 196.34.160.224 | 255.255.255.224 (/27) |
with these destination ports open to allow for outbound initiated traffic and its return traffic:
REQUIRED
|
TRANSPORT
|
PORTS
|
RULE
|
---|---|---|---|
Mandatory | TCP | 80, 389, 443, 1720, 2776, 2777, 5060, 5061 | Outgoing, established |
Mandatory | UDP | 10000-65535 | Outgoing, established |
B. 3) Extra services (Avizia Cloud Specific)
These rules are optional, open these for a better service experience.
REQUIRED | SERVICE | HOST | TRANSPORT | PORTS | RULE |
---|---|---|---|---|---|
Recommended | Network Time Protocol | 176.58.109.199 | UDP | 123 | Outgoing, established |
Recommended | SNMP Traps | 46.137.184.162 | UDP | 162 | Outgoing, established |