Partners Blog Contact Us

VidyoConferencing Firewall Ports for On-Premise Deployments

Follow

VidyoDesktop and VidyoRoom Requirements

To register to the VidyoPortal and place calls, the client side connection must be open to the VidyoPortal on these TCP and UDP ports:

VidyoDesktop and VidyoRoom Connectivity to VidyoPortal and VidyoRouter
TCP Port 80 HTTP - Outbound to VidyoPortal Client to VidyoPortal authentication and GUI
TCP Port 443 TCP - Outbound to VidyoProxy (running on a VidyoRouter - optional) Optional for TCP signaling and media proxy connections from endpoints
TCP Port 8443 HTTPS - Outbound to VidyoRouter (optional) Optional for SSL connection to VidyoRouter Configuration Pages
TCP Port 443 HTTPS - Outbound to VidyoPortal (optional) Optional for SSL connection to VidyoPortal
TCP Port 17992 EMCP - Outbound to VidyoPortal Client connection to VidyoManager
TCP Port 17990

SCIP - Outbound to VidyoPortal/VidyoRouter

Note: If you are using a VidyoRouter, the VidyoPortal does not apply.

Client connection to VidyoRouter
UDP Ports 50,000 - 65 ,535 RTP, sRTP, RTCP - Bi-Directional to and from the VidyoRouter Audio and Video Media from participants (6 ports per participant). RTP and RTCP pair for each audio, video, and data collaboration stream.
UDP Timeout General Comment Change from Default (0:02:00 - 2 minutes) to something larger (e.g., 3:00:00 - 3 hours) to avoid call timeouts

 

Some Firewalls have a UDP default timeout. On the Cisco PIX Firewall, for example, if the UDP timeout is not changed, then the call drops in exactly two minutes and the Vidyo client or clients must reconnect.

Many newer consumer home firewalls have SPI (Stateful Packet Inspection) active by default. This may need to be disabled for better performance.

For VidyoConferencing clients, who are behind restricted firewalls where the ports above cannot be opened, Vidyo provides the VidyoProxy to address these users. For more information, see Appendix B. VidyoProxy.

When using VidyoReplay and generating webcast links, the system resolves the VidyoReplay URL using DNS settings and establishes a connection on port 80 or 443 (depending on whether or not you have VidyoReplay security enabled). Therefore, port 80 or 443 must be opened on your network so your webcast links will work properly. For more information, see Configuring Conference Settings, and refer to the VidyoReplay Administrator Guide.



Vidyo Server Requirements

To enable remote management access to the Vidyo servers, the following TCP and UDP ports need to be opened through any server-side firewall or NAT:

Management Access to VidyoPortal, VidyoRouter, VidyoGateway, and VidyoReplay
TCP Port 80 HTTP - Inbound to Server Web Access to VidyoPortal and VidyoRouter
TCP Port 443 HTTPS - Inbound to Server (optional) Secure Web Access to VidyoPortal and VidyoRouter
TCP Port 22/2222 SSH - Inbound to Server SSH access to the VidyoPortal and VidyoRouter


The following services outline the ports required for Router Pools cascading.

Router Pools Connectivity to VidyoPortal and VidyoRouter to VidyoRouter
TCP Port 80 HTTP - Router to VidyoPortal Client to VidyoPortal authentication and GUI
TCP Port 443 HTTPS - Router to VidyoPortal (optional) Optional for SSL connection to VidyoPortal
TCP Port 17991 RMCP - Router to VidyoPortal Router connection to VidyoManager
TCP Port 17990 SCIP - Bi-Directional to and from VidyoRouters Signaling connections between VidyoRouters
UDP Ports 50,000 - 65,535 RTP, sRTP, RTCP - Bi-Directional to and from VidyoRouters

Audio and Video Media from participants (6 ports per participant)

RTP and RTCP pair for each audio, video, and data collaboration stream


The following services are optional on the VidyoPortal, VidyoRouter and VidyoGateway, and require the following TCP and UDP ports if they are used:

Other Services on VidyoPortal, VidyoRouter, and VidyoGateway
UDP Port 123 NTP - Outbound from Server Network Time Protocol
TCP Port 25 SMTP - Outbound from Server Email notifications for new user accounts, lost passwords, and licensing notifications. VidyoPortal only
TCP Port 3306 MySQL - Inbound to Server Call Detail Record (CDR) access for billing systems. VidyoPortal only
TCP Port 389 LDAP - Outbound from Server Optional authentication to LDAP and Active Directory
TCP Port 636 LDAPS - Outbound from Server Secure LDAP. Optional authentication to LDAP and Active Directory
UDP Port 161 - 162 SNMP - Inbound to Server Basic SNMP functions
TCP and UDP 3478 STUN - Bi-directional to and from Server Optional, only if using STUN for NAT traversal
Was this article helpful?
0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.