Configuring Firewalls for Use with UC Analog
Table of Contents
PrerequisitesPrerequisites
UC Analog is an add on service.
This port and IP information can be useful if you are using the WAN port of UC Analog and have a zero-trust network configuration with a firewall device upstream of the UC Analog endpoint. The firewall may restrict outbound traffic on the inside, or "private side," of your network. The destination IP and ports below should be permitted to allow UC Analog-related traffic.
These port specifications are accurate for firmware 7.5.2.2 or later.
| Destination IP Addresses, Ranges, or FQDNs | Destination Port and Protocols Required |
|---|---|
| 208.83.244.0/22, 162.253.220.0/22, 206.198.220.0/22 | UDP 1194, 1294, 3480 and 10000 to 20000 (for SRTP), 53 (Optional but recommended), UDP 23456 for MPT; TCP 443, 8883. These ports are used for HTTPs requests, VPN establishment, NTP, SRTP, and DNS. |
| probe.oomasrv.com, sensor.probetarget.com, ipv4.connman.net | TCP 80, 443. This is used for periodic connectivity testing for failover. |
| 38.17.43.204 | TCP/UDP 993, 8443, 9443; This is used for Syslog. |
| ntp1.ooma.com, ntp2.ooma.com, 0.ooma.pool.ntp.org, 1.ooma.pool.ntp.org, 2.ooma.pool.ntp.org, 3.ooma.pool.ntp.org | UDP 123. This is used for NTP network time requests. |
| 8.8.8.8 (Optional but recommended), 8.8.4.4 (Optional but recommended) | UDP 53. This is used for DNS. |
It is also recommended to keep ICMP requests from UC Analog open for ad hoc troubleshooting if needed.