The following ports must be permitted outbound to the destination IP addresses listed:
Hardphone
Service | Outbound |
SIP + RTP (Voice) | 5060 UDP 5060 TCP 5061 TCP 10000-60000 UDP |
Deskphone softkeys | 443 TCP 80 TCP |
Directory Services (LDAP) | 389 TCP 389 UDP |
NTP | 123 UDP |
DNS | 53 UDP 53 TCP |
Remote diagnostics | 514 UDP (0.0.0.0/0) |
Destination IP Addresses | 193.104.89.0/24 77.95.114.0/24 77.95.112.0/24 82.144.248.0/24 |
Softphone
Service | Outbound |
Softphone | 443 TCP 443 UDP |
RTP (voice) | 10000-60000 UDP |
Destination IP addresses | 193.104.89.0/24 77.95.114.0/24 77.95.112.0/24 82.144.248.0/24 |
Secure websockets must be allowed through the firewall
Phonebar
Service | Outbound |
Softphone | 443 TCP 443 UDP |
RTP (voice) | 10000-60000 UDP |
Destination IP addresses | 193.104.89.0/24 77.95.114.0/24 77.95.112.0/24 82.144.248.0/24 |
Secure websockets must be allowed through the firewall
Web
Service | Outbound |
Softphone | 443 TCP (0.0.0.0/0) 443 UDP |
Secure websockets must be allowed through the firewall
* X-on recommends that SIP ALG is disabled as it often incorrectly modifies SIP headers
* There are no inbound Firewall requirements