Skip to main content

Surgery Connect Firewall Requirements

The following ports must be permitted outbound to the destination IP addresses listed:

Deskphone

Service

Outbound Service

Destination

SIP + RTP (Voice)

5060 UDP

5060 TCP

5061 TCP

10000-60000 UDP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

Deskphone softkeys

443 TCP

80 TCP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

Directory Services (LDAP & LDAPS)

389 TCP

389 UDP

636 TCP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

NTP

123 UDP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

DNS

53 UDP

53 TCP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

Remote diagnostics

514 UDP

(0.0.0.0/0)

Web

443 TCP

Cloudflare IP ranges:

Softphone & Phonebar

Service

Outbound Service

Destination

Softphone

443 TCP

443 UDP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

RTP (voice)

10000-60000 UDP

193.104.89.0/24

77.95.114.0/24

77.95.112.0/24

82.144.248.0/24

Web

443 TCP

Cloudflare IP ranges:

*There are no inbound firewall requirements.

*We recommend that SIP ALG is disabled as it often incorrectly modifies SIP headers

Surgery Intellect, powered by TORTUS

Surgery Intellect communicates with the TORTUS API via HTTPS TCP/IP requests. Because of this, it is important to test that the app can correctly communicate with the server

In some cases when on networks with restricted firewalls, you may need to whitelist their endpoints so that all functionality works correctly. If you or your users experience issues signing in, or are unable to complete consultations, we recommend the following domain entries are allowed on every device that you wish TORTUS to operate on:

Name

URL

Description

TORTUS Domain

This will cover all TORTUS services. They recommend this approach so you do not need to re-configure as they add / change new endpoints

They use a range of subdomains for their services, including authentication and their API

Specifically, they require allowing the majority of HTTP Methods: GET, PATCH, PUT, POST, DELETE, OPTIONS

TORTUS Monitoring

The monitoring tool that TORTUS use to notify them of potential service issues from the TORTUS App or their API

Auth0

This is TORTUS' Authentication provider’s log in page - some stylesheets are loaded from this address

Did this answer your question?