This article lists the TCP and UDP ports used by DataRemote PIAB device, for use with configuring a firewall to allow access for inbound and outbound traffic to the DataRemote Switch, PBX, and provisioning servers.
Best Practices: We highly recommend that the unit is placed IN FRONT of the firewall. Communication would occur directly from the VOIP/Alarm/Fax to the SIP, provisioning, and other DRI servers which would separate it from your internal network.
If this is not possible then below is the information that you would need to make exceptions to your firewall(s).
*IMPORTANT NOTES*
DataRemote recommends that an external public DNS server (ex. Google Public DNS servers @ 8.8.8.8 (Primary) and 1.1.1.1 (Secondary) be used in the configuration.
Set the firewall to allow pings (ICMP/Outbound) to 8.8.8.8 and 1.1.1.1. (Communication Verification/WAN Failover)
The device must have proper time configured via NTP in order to function properly. The customer can provide their own internal NTP servers if desired but this is not recommended.
Please ensure that “SIP ALG” is turned OFF, and “EGRESS filtering” is turned OFF/Disabled on all upstream Firewalls/Switch/Router.
Inbound AND Outbound Traffic
Purpose | Network Address | Protocol | Destination Ports |
---|---|---|---|
ACS STUN | 63.250.0.0/24 70.42.78.0/24 142.215.242.0/24 12.44.197.0./24 |
UDP | 3478, 3479 |
RTP STANDARD VOICE | 70.42.69.0/24 209.170.195.0/24 66.150.215.0/24 |
UDP | 1024-65535 |
RTP ENHANCED MODEM/FAX/ALARM | 70.42.78.0/24 142.215.242.0/24 12.44.197.0/24 12.111.243.0/24 12.22.54.0/24 12.156.112.0/24 54.90.174.81/32 |
UDP | 10000-40000 |
Outbound Only Traffic
Purpose | Network Address | Protocol | Destination Ports |
---|---|---|---|
Management | o.o.o.o/0 | TCP | 443, 8080, 8443, 8883 |
Email Alerts | 0.0.0.0/1 | TCP | 465, 587, 2525 |
Firmware | 18.235.9.230/32 54.211.12.19/32 142.215.242.0/24 12.44.197.0/24 |
TCP | 20, 21 |
WAN Failover | 8.8.8.8/32 1.1.1.1/32 |
ICMP | |
DNS | 8.8.8.8/32 8.8.4.4/32 1.1.1.1/32 |
TCP & UDP | 53 |
NTP | 0.0.0.0/0 | UDP | 123 |
RTP ENHANCED MODE/FAX/ALARM | 70.42.78.0/24 142.215.242.0.24 12.44.197.0/24 12.111.243.0/24 12.22.54.0/24 12.156.112.0/24 54.90.174.81/32 |
UDP | 7060 |
RTP ENHANCED MODEM/FAX/ALARM | 70.42.78.0/24 142.215.242.0/24 12.44.197.0/24 12.111.243.0/24 12.22.54.0/24 12.156.112.0/24 54.90.174.81/32 |
TCP | 7160, 10000, 10100 |