B. Firewall Configurations
Ports used:
In order to communicate with the telephone system, the end devices must be able to communicate outbound via the following ports:
Protocol | Target port | Purposes | Targets |
TCP | 80, 83, 443, 18443 | Provisioning | all networks |
UDP | 123 | NTP | all networks |
UDP | 53 | DNS | Customer DNS server |
UDP | all ports | SIP, RTP, T-38, FMC, etc. | 109.68.96.0/21 |
TCP | all ports | SIP/TLS, SIP, FMC | 109.68.96.0/21 |
Though Firewalls are usually covered by a configuration of 109.68.96.0/21, the following information applies to Proxy users: They often work with URIs. It is essential to instruct a Proxy to put through certain requests, namely to define as exeptions:
*.cloud-cfg.com
*.cloudya.com
109.68.96.0/21
ICMP packets type 3 (Destination unreachable) may not be blocked under any circumstances! Otherwise the dynamic determination of necessary transmission parameters may fail at network level.
Filtering and blocking of ICMP packets should be done very carefully, since elementary network operation functionalities may be disrupted.