Please enable JavaScript to view this site.

SIP Telephones

Firewall requirements inbound to the IP Office system.

Port

Direction

Protocol

Reason

443

In

HTTPS

Secure client configuration/Web Socket

80

In

HTTP

Client configuration/Web Socket

8411

In

HTTP

Client configuration/Web Socket if "use preferred phone ports" is enabled in IP Office system manager

411

In

HTTPS

Secure client configuration/Web Socket if "use preferred phone ports" is enabled in IP Office system manager

5060
(5056 on Partner Cloud systems)

In/Out

TCP/UDP

SIP Signaling- Only needed for unsecured SIP devices

5061

IN/Out

TCP

TLS SIP Signaling

40750-50750

In

UDP

RTP/RTCP - Media for SIP and H.323

Requirements for Avaya IX Workplace Client clients and Avaya Spaces

Avaya Spaces endpoints use the following types of traffic:

HTTPS and WebSocket (WSS) (https://en.wikipedia.org/wiki/WebSocket)

WebRTC (https://en.wikipedia.org/wiki/WebRTC)

TLS traffic is used for both HTTPS and WSS, any TLS-inspection should support these protocols or have an exception for Spaces’ hosts.

Important: TCP and HTTP tunneling are not supported for Audio and Video.

The following hosts and protocols should be unrestricted for all Avaya Spaces features to work as intended. Whitelisting based on IP address is not recommended since these may change dynamically. In addition, HTTP headers such at Authorization should be left intact.

Hosts

Ports

Protocol

Description

*.avayacloud.com

80, 443

HTTPS, WSS

Messages

1025-65535

UDP

Audio/Video

3000-3999

UDP

Audio/Video

*.googleapis.com

80, 443

HTTPS

Screen sharing, file sharing

*.onesna.com

80, 443

WSS

Presence (Presence in this context refers to local (Spaces) presence such as attendees joining the same Space – other attendee should see green dot showing the user is present. )

1025-65535

UDP

Audio/Video

3000-3999

UDP

Audio/Video

*.esna.com

80, 443

HTTPS

Mobile authentication

ASN of 15169

5228, 5229, 5230

TCP

Push notification

accounts.google.com

80, 443

HTTPS

SSO

login.microsoftonline.com

80, 443

HTTPS

SSO

login.salesforce.com

80, 443

HTTPS

SSO

*.avaya.com

80, 443

HTTPS

SSO

*.gstatic.com

80, 443

HTTPS

CDN

Requirements for Avaya IX Workplace Client client and Avaya IX Workplace Client Meetings Online

Firewall requirements in direction from customer premise to Cloud.

Port

Direction

Protocol

Reason

443, 8443

Out

TCP

Unified Portal, web meet me (WebRTC) signaling and web collaboration server

35000-40000 (configurable)

Out

UDP

SIP connectivity – media

3478, 50000-55000 (configurable)

Out

UDP

Web meet me connectivity – media

 

 

Performance figures, data and operation quoted in this document are typical and must be specifically confirmed in writing by Avaya before they become applicable to any particular order or contract. The company reserves the right to make alterations or amendments at its own discretion. The publication of information in this document does not imply freedom from patent or any other protective rights of Avaya or others. All trademarks identified by ™, ® or © are registered trademarks or trademarks respectively are the property of their respective owners.

© 2020 AVAYA
Issue 07.f.-
Tuesday, September 15, 2020