Firewall settings v11

Firewall settings v11

SIP ALG

SIP ALG is the number one issue that will prevent phones registering to the platform. This is a setting that is quite often turned on automatically on most routers.  Ensure SIP ALG is turned OFF on the router and firewalls.

 

MTU Size

The MTU size needs to be set as high as possible – eg. 1500ms / 1520ms

 

UDP Timeout

The UDP timeout needs to be set at >300s

(NAT Refresh/Inactivity Timer on your local network equipment - usually an edge firewall, router or NAT device)

 

Draytek Requirement

Under the Firewall Settings, Call and Data Filter need to be disabled along with the Strict Firewall. We also recommend the Routers Firmware needs to be on the Latest Version.

 

CPE Port requirements

Device

Protocol

Destination

Destination port

IP Phone & ATA Signaling

SIP

_sip_udp.ipcomms-btwbslnws09.bt.com
147.152.35.102/29
147.152.35.110/29

 

ipcomms-btwbslnws09.bt.com
147.152.35.96/29
147.152.35.104/29

centrex-bslnws09.yourwhc.co.uk
62.7.201.128/27
62.7.201.160/27


uc-bslnws09.yourwhc.co.uk
62.7.201.172/32
217.32.186.0/26
217.32.186.64/26
217.32.186.128/26
62.7.201.140/32

 

UDP/TCP 5060 to 5075

 

 

 

UDP/TCP 5060

 

 

 

UDP/TCP 5060

 

 

 

 

UDP/TCP 5060, 5073, 5074, 8933

IP Phone & ATA Media

RTP

 

147.152.35.100/29
147.152.35.108/29

 

147.152.35.96/29
147.152.35.104/29
62.7.201.128/27
217.32.186.0/26
217.32.186.64/26
217.32.186.128/26
62.7.201.160/27

 

UDP16384 to 32766

 

 

 

UDP 32767 to 65535

IP Phone & ATA

NTP

europe.pool.ntp.org

UDP/TCP 123

IP Phone & ATA

DNS

                    Supplied locally

UDP/TCP 53

Cisco Linksys Download & Configuration

HTTPS

dm-linksys.yourwhc.co.uk
193.113.10.34
193.113.11.36

 

TCP 443

Cisco Small Business Download & Configuration

HTTPS

dm-csb.yourwhc.co.uk
193.113.10.33
193.113.11.35

 

TCP 443

Panasonic Download & Configuration

HTTPS

dm.yourwhc.co.uk
193.113.10.10
193.113.11.10

 

TCP 443

Polycom Download & Configuration

HTTPS

dm.yourwhc.co.uk
193.113.10.10
193.113.11.10

 

TCP 443

Yealink Download & Configuration

HTTPS

dm.yourwhc.co.uk
193.113.10.10
193.113.11.10

 TCP 443

Webex Clients (Mobile, Tablet and desktop)

HTTPS213.121.33.36
213.121.34.130

SRV: _xsi-client._tcp.webex-clients.yourwhc.co.uk

webex-clients.yourwhc.co.uk

webex-clients-01.yourwhc.co.uk

webex-clients-02.yourwhc.co.uk


TCP 443


Web Portal Port requirements


Device

Protocol

Destination

Destination port

Call Analytics Portal

HTTPS

icscallanalytics.yourwhc.co.uk
40.115.5.58

TCP 443

Voice Recording Portal

HTTPS

callrecorder.yourwhc.co.uk
193.113.10.32
193.113.11.34

Note browser access is via a redirect from the JolaPhone Portal.

 

 

 

TCP 443


Application Port Requirements


Device

Protocol

Destination

Destination port

Application Signaling

SIP

sip_udp.ipcomms-btwbslnws09.bt.com
147.152.35.102/29
147.152.35.110/29

 

UDP/TCP 5060 to 5075

Application Media

RTP

147.152.35.100/29
147.152.35.108/29

UDP16384 to 32766

Go Integrator

Proprietary

applications.yourwhc.co.uk
193.113.10.12
193.113.11.12

 

TCP 443

 

Go Integrator Downloads

HTTPS

downloads.yourwhc.co.uk
193.113.10.27
193.113.11.27

 

TCP 443

Go Integrator License Check

HTTPS

ccusage.yourwhc.co.uk
193.113.10.13
193.113.11.13

 

TCP 443


    • Related Articles

    • SIP Overlay - Firewall Rules

      The following Firewall rules are required for our SIP Overlay product to work without issues; The following is needed for GS Remote Provisioning (HTTPS): 34.247.234.27 3.248.235.169 TR69 TCP 7547 54.73.211.221 18.168.177.2 18.133.210.75 SIP UDP 5060 ...

    • Data APN Settings

      Please see below the APN settings for the various different JolaMobile SIM cards: For all SIMs the Authentication Type must be set to PAP and Roaming needs to be Enabled, some customers have also seen the need to manually force their device to ...

    • Voicemail settings - JolaPhone

      How this Feature will help you If you can’t take a call for some reason, rather than lose it, you can have the call answered by an automated system so the caller can leave a message. You can then pick up your messages later on in a number of ways, ...

    • Robustel - Change the WiFi Settings

      PLEASE NOTE – All Jola supplied Robustel routers come with the Jola ‘Mobile Manager client’ app pre-installed. When the router is first powered on the app will auto-update the factory WiFi settings to enable WiFi and set the SSID and Password as ...

    • JolaPhone VoIP System With Virgin Media Broadband

      Please note this information is for Virgin Media Business and Residential Broadband connections supplied by Virgin Media.  Due to the way Virgin Media Broadband connections route, this creates an incompatibility with JolaPhone systems.   There are ...