Although we do not have every firewall listed, most modern commercial firewalls are capable of handling our Viirtue UCaaS service.
- Ensure "SIP ALG" is disabled.
- If router has a UDP Timeout setting, make sure it is set to 90-seconds or higher.
- Make sure the phones are not load balanced if multiple WAN's. Create a rule to make sure the phones only fail over onto different circuits. Our system "locks" onto the registered IP and will deny requests from others preventing the phone to download the directory and other config files from any IP other than the registered one.
We generally create a rule to allow and prioritize all traffic to and from our servers. Most communication occurs over port 5060, but there are some other services that run over other ports. Most of the time there is no issue with firewalls allowing the RTP to flow through, but if so, the RTP ports used on the server are listed below as well.
- Allow and prioritize all traffic to and from core2-nj.5060.cloud (184.108.40.206)
- Allow and prioritize all traffic to and from our geo server: core-fl.5060.cloud (220.127.116.11)
- Allow all traffic to and from our provisioning server: p1.5060.cloud (18.104.22.168)
- (optional) enable option 66: http://p1.5060.cloud/cfg
We open 20000-27999 on the server for RTP by default but these ranges can change.