3rd Party Firewall Rules: Difference between revisions
(Created page with "This page is part of the Network and QoS guides.") |
No edit summary |
||
(12 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
This page is part of the [[Network and QoS]] guides. | This page is part of the [[Network and QoS]] guides. | ||
= Networking = | |||
Step one would be, can you see our servers? You can check here: https://core1-dal.vestednetworks.com/webtest/webtest.php | |||
After you have confirmed that our servers are reachable via HTTPS/SSL ports, you will need to make sure some more VoIP specific ports are open on your network. | |||
== IP Addresses == | |||
The easiest way is to allow any ports to and from the following IP addresses to pass through your firewall. | |||
If you cannot open all ports to the following addresses, you must open the ports listed below to the following IPs . | |||
=== Allow === | |||
<blockquote> | |||
==== Voice/Video Traffic ==== | |||
* '''Primary Addresses:''' 216.58.152.240/28 | |||
* '''Secondary Addresses:''' 74.63.180.0/28 | |||
==== Fax Traffic ==== | |||
* '''ATA''': ataserver.ipfax.net & ataini.ipfax.net | |||
</blockquote> | |||
== Voice/Video Ports == | |||
If you cannot open all ports to an IP address, you may need to open specific ports through your firewall. | |||
The following ports must be allowed to pass through your firewall to ensure proper function of your phone systems. | |||
=== Allow === | |||
<blockquote> | |||
==== SIP (SIP Handshaking) ==== | |||
* '''UDP/TCP, in/out:''' 5060-5062 | |||
==== WebSockets (NOVA Web Softphone, Mobile App) ==== | |||
* '''TCP, in/out:''' 9002 | |||
==== RTP (Streaming Audio and Video for calls) ==== | |||
* '''UDP/TCP, in/out:''' 20000-32000 | |||
</blockquote> | |||
== Web Portal and Fax Ports == | |||
The following ports must be allowed to pass through your firewall to connect to the web portal and to use faxing. | |||
=== Allow === | |||
<blockquote> | |||
==== HTTP ==== | |||
* '''TCP, out:''' 80, 8080 | |||
==== HTTPS/SSL ==== | |||
* '''TCP, out:''' 443, 8443 | |||
</blockquote> | |||
== Advanced Routing Options == | |||
Not all firewalls, gateways, or modems will have these options visible. You may have to contact your ISP in order to make sure they have these options disabled on your incoming connection. | |||
=== Disable === | |||
<blockquote> | |||
==== Settings ==== | |||
* SIP-ALG | |||
* H.225 | |||
</blockquote> | |||
== Sonic Wall Specific Routing == | |||
=== Disable === | |||
<blockquote> | |||
==== Settings ==== | |||
* SIP Transformations | |||
</blockquote> | |||
=== Enable === | |||
<blockquote> | |||
==== Settings ==== | |||
* Consistent NAT | |||
* UDP Timeout to 120 | |||
</blockquote> | |||
== VoIP Bandwidth Requirements == | |||
Our default compression uses 90kbps up & down for one single call. | |||
Example: 6 active calls is roughly 540kbps up & down reserved. This would be a normal use case for ~20 seats with an average use of 30%. |
Latest revision as of 21:59, 5 March 2024
This page is part of the Network and QoS guides.
Networking
Step one would be, can you see our servers? You can check here: https://core1-dal.vestednetworks.com/webtest/webtest.php
After you have confirmed that our servers are reachable via HTTPS/SSL ports, you will need to make sure some more VoIP specific ports are open on your network.
IP Addresses
The easiest way is to allow any ports to and from the following IP addresses to pass through your firewall.
If you cannot open all ports to the following addresses, you must open the ports listed below to the following IPs .
Allow
Voice/Video Traffic
- Primary Addresses: 216.58.152.240/28
- Secondary Addresses: 74.63.180.0/28
Fax Traffic
- ATA: ataserver.ipfax.net & ataini.ipfax.net
Voice/Video Ports
If you cannot open all ports to an IP address, you may need to open specific ports through your firewall.
The following ports must be allowed to pass through your firewall to ensure proper function of your phone systems.
Allow
SIP (SIP Handshaking)
- UDP/TCP, in/out: 5060-5062
WebSockets (NOVA Web Softphone, Mobile App)
- TCP, in/out: 9002
RTP (Streaming Audio and Video for calls)
- UDP/TCP, in/out: 20000-32000
Web Portal and Fax Ports
The following ports must be allowed to pass through your firewall to connect to the web portal and to use faxing.
Allow
HTTP
- TCP, out: 80, 8080
HTTPS/SSL
- TCP, out: 443, 8443
Advanced Routing Options
Not all firewalls, gateways, or modems will have these options visible. You may have to contact your ISP in order to make sure they have these options disabled on your incoming connection.
Disable
Settings
- SIP-ALG
- H.225
Sonic Wall Specific Routing
Disable
Settings
- SIP Transformations
Enable
Settings
- Consistent NAT
- UDP Timeout to 120
VoIP Bandwidth Requirements
Our default compression uses 90kbps up & down for one single call.
Example: 6 active calls is roughly 540kbps up & down reserved. This would be a normal use case for ~20 seats with an average use of 30%.