Firewall Requirements

What you need to know

Business Digital Voice is a hosted unified communications solution operating in the United States of America.

The service has multiple components including voice, video, desktop and mobile applications, web applications, and service quality tools. These components require communication between devices on the customer’s local area or wireless network connections and servers in the Business Digital Voice infrastructure. For this communication to function properly, customer security devices, such as firewalls, must not block IP addresses and TCP/UDP service ports used by the Business Digital Voice service.

The following topics of this guide provide information needed to properly configure a customer’s firewall to allow all communications between customer devices/applications and Business Digital Voice services.

Note: If a router and/or firewall is “SIP Aware”, that is, it has SIP ALG or similar enabled, we recommend that this functionality be turned OFF for correct operation of the service. See the relevant manufacturer's documentation for more information on how to disable SIP ALG on specific devices.

Help Topics

 

A. North America - NA - Commercial

Business Digital Voice service is set up in the United States, therefore the service ports and associated protocols listed below should be allowed for the following subnets:


Back to Top

B. IP Phones, ATAs and IADs

Device

Protocol

Destination/DNS

IP

Destination Port

IP Phone / ATA / IAD

NTP

Endpoint clock synchronization

ntp.broadcloudpbx.net

199.59.65.181

199.59.66.181

UDP 123

IP Phone / ATA / IAD

DNS

For resolving configuration server A Records and call control SRV Records

Supplied Locally

 

UDP/TCP 53

SBC Traffic

SIP

Dallas

128.177.36.0/26

UDP / TCP

IP Endpoints

 

 

199.59.65.0/25

8933

 

 

 

135.84.171.0/25

 

 

 

 

199.19.197.0/24

 

 

 

 

 

 

 

Chicago

128.177.14.0/25

 

 

 

 

199.59.66.0/25

 

 

 

 

135.84.172.0/25

 

 

 

 

199.19.199.0/24

 

 

 

 

 

 

 

New York

199.59.71.0/25

23.89.33.0/24

 

 

 

 

SBC Traffic

RTP

Dallas

128.177.36.0/26

UDP

IP Endpoints

 

 

199.59.65.0/25

19560 to 65535

 

 

 

135.84.171.0/25

 

 

 

 

199.19.197.0/24

 

 

 

 

 

 

 

Chicago

128.177.14.0/25

 

 

 

 

199.59.66.0/25

 

 

 

 

135.84.172.0/25

 

 

 

 

199.19.199.0/24

 

 

 

 

 

 

 

New York

199.59.71.0/25

23.89.33.0/24

 

 

 

 

SBC Traffic IP Endpoints

SIP/TLS

Dallas

 

 

 

Chicago

 

 

New York

 

128.177.36.0/26

199.59.65.0/25

135.84.171.0/25

199.19.197.0/24

 

128.177.14.0/25

199.59.66.0/25

135.84.172.0/25

199.19.199.0/24

 

199.59.71.0/25

23.89.33.0/24

TCP 8934

SBC Traffic IP Endpoints

SRTP

Dallas

 

 

 

Chicago

 

 

New York

 

128.177.36.0/26

199.59.65.0/25

135.84.171.0/25

199.19.197.0/24

 

128.177.14.0/25

199.59.66.0/25

135.84.172.0/25

199.19.199.0/24

 

199.59.71.0/25

23.89.33.0/24

UDP 19560 to 65535

Polycom IP Phone

HTTP/HTTPS

plcm.sipflash.com

128.177.36.191

128.177.14.191

TCP 80

443

Yealink IP

HTTPS

yealink.sipflash.com

128.177.36.213

TCP

Phone

 

 

128.177.14.213

443

Audiocodes

HTTPS

acodes.sipflash.com

128.177.36.189

TCP

IP Phone

 

 

128.177.14.194

443


Back to Top

C. Clients and Applications

Device

Protocol

Destination/DNS

IP

Destination Port

UC Endpoints (Clients)

HTTP / HTTPS CAP

apps.broadcloudpbx.net

128.177.36.138

128.177.14.181

TCP 80

 

XMPP

 

 

443

 

BroadCloud

 

 

1081

 

Applications, IM&P, file transfer and desktop sharing

 

 

2208

8443

 

 

 

 

5222

 

 

 

 

5280 to 5281

 

 

 

 

52644 to 52645

SBC Traffic

SIP

Dallas

128.177.36.10

TCP

UC Endpoints

 

 

128.177.36.13

8933

 

 

 

128.177.36.14

 

 

 

 

128.177.36.24

 

 

 

 

199.59.65.83

 

 

 

Chicago

128.177.14.10

 

 

 

 

128.177.14.13

 

 

 

 

128.177.14.14

 

 

 

 

128.177.14.24

 

 

 

 

199.59.66.83

 

 

 

New York

199.59.71.21

 

 

 

Los Angeles

199.59.70.21

 

SBC Traffic

RTP

Dallas

128.177.36.10

UDP

UC Endpoints

 

 

128.177.36.13

19560 to 65535

 

 

 

128.177.36.14

 

 

 

 

128.177.36.24

 

 

 

 

199.59.65.80

 

 

 

Chicago

128.177.14.10

 

 

 

 

128.177.14.13

 

 

 

 

128.177.14.14

 

 

 

 

128.177.14.24

 

 

 

 

199.59.66.83

 

 

 

New York

199.59.71.21

 

 

 

Los Angeles

199.59.70,21

 

WebRTC (Guest Client)

HTTPS

Desktop Sharing

apps.broadcloudpbx.net

128.177.36.138

128.177.14.181

TCP 8443

WebRTC (Guest Client)

XMPP / TLS

IM&P

apps.broadcloudpbx.net

128.177.36.138

128.177.14.181

TCP 5222

WebRTC

SIP

wrs.broadcloudpbx.net

128.177.36.131

TCP

(Guest Client)

 

 

128.177.14.132

8060

 

 

 

 

8070

 

 

wrs02.broadcloudpbx.net

199.59.65.207

 

 

 

 

128.177.14.207

 

WebRTC

RTP

wrs.broadcloudpbx.net

128.177.36.131

UDP

(Guest Client)

 

 

128.177.14.132

16000 to 19000

 

 

wrs02.broadcloudpbx.net

199.59.65.207

 

 

 

 

128.177.14.207

 


Back to Top

D. DNS/NTP Service

Device

Protocol

Destination/DNS

IP

Destination Port

NTP

NTP

Optional use of BroadCloud provided public NTP service

ntp.broadcloudpbx.net

199.59.65.181

199.59.66.181

UDP 123

DNS

DNS

Optional use of BroadCloud provided DNS service for VPN customers

No DNS

199.59.65.181

199.59.66.181

UDP/TCP 53


Back to Top

E. Web Portal Access

Device

Protocol

Destination/DNS

IP

Destination Port

All User

HTTP / HTTPS

Service Provider Portal Dashboards

examinet.adpt-tech.com

128.177.36.152

TCP

Computers

(includes ExamiNet)

examinetbeta.broadcloudpbx. com

128.177.36.186

80

443

 

examinet.broadcloud.eu

85.119.57.240

 

 

examinet.broadcloud.com.au

199.59.64.142

 


Back to Top

Start Here Support