Versions Compared

Version Old Version 3 New Version Current
Changes made by

Bob Young

Kelli Higdon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
stylenone

Firewall / NAT Checklist

If you plan on using phones or accessing Switchvox from remote clients, you must forward certain ports back to your PBX. Also, you'll need to enable the "Allow Nat Port Forwarding" option in the Server > Networking > IP Configuration section of your Switchvox Web Admin.

...

Transport

Port(s)

Description

D-Series and P-Series Phones

TCP/UDP

5060

SIP signaling port needed for phones outside your network

TCP/UDP

5061 (SIP TLS)

For SIP TLS port needed for phones outside your network, only if you are using TLS/SRTP transport option

UDP

10000-20000

RTP audio ports needed for phones outside your network 

TCP

443

HTTPS port for API access

TCP

80

HTTP port for  D-Series phone-firmware access

UDP

5062

Direct  port access for D-Series phones for configuration (Deprecated / Not used after Switchvox 6.4)

Sangoma Connect/Talk Mobile 

TCP/UDP
TCP/UDP

5060
5061 (SIP TLS)

SIP signaling ports needed for phones outside your network
TLS port needed for TLS/SRTP transport option

UDP

10000-20000

RTP audio ports needed for phones outside your network 

TLS

5095

SIP signaling to http://cloud-fe.meet.sangoma.com to facilitate audio transfer from Switchvox to Meet when moving a call to the Meet service.

IP Whitelist

Sangoma Connect/Talk SIP Push/Register servers require SIP access to your PBX for the application to work correctly.  If we have a restrictive firewall, please ensure that the following IPs can reach your PBX in TCP/UDP ports 5060 and 5061. For more information, please visit How to Set Up and Manage Switchvox for Sangoma Connect Mobile /wiki/spaces/ST/pages/429129872.
 159.65.167.207
159.65.186.176
159.65.251.173
159.65.252.186
159.65.253.49159.89.179.103
162.243.226.164
165.227.65.164
165.227.115.186
165.227.182.9165.227.184.188
165.227.190.186
165.227.210.221
165.227.223.68
167.99.48.91167.99.119.203
167.99.119.244
104.131.76.244
143.198.53.243
198.199.67.34
159.203.163.250

Legacy Switchvox Mobile Softphones  (Not recommended in 7.6.2 or later, and deprecated in 7.8.2)

TCP/UDP

5060

SIP signaling port needed for phones outside your network

TCP/UDP

55062

SIP signaling port that may be needed for Legacy Mobile Softphones 

UDP

10000-20000

RTP audio ports needed for phones outside your network 

TCP

443

HTTPS port for API access

Desktop Softphones and Switchvox Chat for Mobile

TCP

443

HTTPS port for Desktop client

UDP

10000-20000

RTP audio ports needed for phones outside your network

Web Portal for Admin or User

TCP

80

HTTP port for remote web

TCP

443

HTTPS port for remote web admin, user  and API access

TCP

5222 & 843

Ports for using the Switchboard remotely  (Deprecated / Not used after Switchvox 7.0)

TCP

5269

Port for remote XMPP access (Deprecated / Not used after Switchvox 7.0)

VoIP provider with T.38 Support

UDP

5060

SIP signaling port needed to connect with your VoIP provider outside of your network

UDP

10000-20000

RTP audio ports needed for phones outside your network

UDPTL

4000-4999

UDPTL ports for T.38 faxing over SIP

UDP

4569

IAX Signalling for IAX provider (Deprecated / Not used after Switchvox 7.0)

...

We also have accumulated a shortlist of specific 3rd party firewall settings for various makes/models /wiki/spaces/NC/pages/397606952 that we know can cause issues with the Switchvox software.