B. Firewall Configurations

Ports used:

In order to communicate with the telephone system, the end devices must be able to communicate outbound via the following ports:

Protocol  Target port  Purposes  Targets
TCP80, 83, 443, 18443   

Provisioning

all networks
UDP123NTPall networks
UDP53

DNS

Customer DNS server
UDPall portsSIP, RTP, T-38, FMC, etc.109.68.96.0/21
TCPall ports

SIP/TLS, SIP, FMC

109.68.96.0/21

Though Firewalls are usually covered by a configuration of 109.68.96.0/21, the following information applies to Proxy users: They often work with URIs. It is essential to instruct a Proxy to put through certain requests, namely to define as exeptions:
*.cloud-cfg.com
*.cloudya.com
109.68.96.0/21

ICMP packets type 3 (Destination unreachable) may not be blocked under any circumstances! Otherwise the dynamic determination of necessary transmission parameters may fail at network level.

Filtering and blocking of ICMP packets should be done very carefully, since elementary network operation functionalities may be disrupted.