Domain Whitelisting
If your firewall policies restrict outbound connections based on Fully Qualified Domain Names (FQDNs), please whitelist the following domains for all protocols (specifically HTTPS, TCP, and UDP):
talentlynk.ai
callswitchone.com
voipcp.com
yay.com
talk.callswitchone.com
provision.voipcp.com
firstprovision.voipcp.com
IP Address Whitelisting
If your firewall policies are based on IP addresses rather than FQDNs, or if FQDN whitelisting is insufficient, please whitelist the following IP addresses provided by the service provider. Traffic must be permitted to and from these IPs according to the port specifications in Section 4.
1. SIP Server IPs
34.105.170.20
35.242.140.109
34.105.214.80
34.105.209.181
34.147.142.100
34.89.77.216
34.89.33.0
35.246.58.184
34.147.181.186
35.234.151.7
35.197.230.12
34.105.130.238
34.89.66.152
2. RTP Server IPs
35.246.34.97
34.147.198.83
35.246.28.102
34.147.171.124
Firewall Port and Protocol Rules
The following rules are required to allow VoIP traffic. Please configure these rules on the customer-premise firewall.
1. SIP (Session Initiation Protocol) - Signaling
Protocol: TCP
Ports: 5060 - 5061
Direction: Outbound (Primary), Inbound (Secondary/Stateful)
Source IPs (Outbound): Customer Network SIP Devices (Phones/Apps)
Destination IPs (Outbound): Provider SIP Server IPs (listed in 3.1)
Source IPs (Inbound): Provider SIP Server IPs (listed in 3.1)
Destination IPs (Inbound): Customer Network SIP Devices (Phones/Apps)
Note: Stateful firewalls typically allow the necessary inbound SIP traffic automatically once an outbound connection is established. Explicit inbound rules may be needed if devices register as servers or if the firewall is stateless.
2. RTP (Real-time Transport Protocol) - Media (General)
Protocol: UDP
Ports: 10000 - 40000
Direction: Bidirectional (Inbound and Outbound)
Source IPs (Outbound): Customer Network SIP Devices (Phones/Apps)
Destination IPs (Outbound): Provider RTP Server IPs (listed in 3.2)
Source IPs (Inbound): Provider RTP Server IPs (listed in 3.2)
Destination IPs (Inbound): Customer Network SIP Devices (Phones/Apps)
Note: Specific ports within this range are negotiated via SIP for each call session. The firewall must allow traffic on any port within this range in both directions.
3. RTP (Real-time Transport Protocol) - Media (Mobile/Desktop App)
Protocol: UDP
Port: 9998
Direction: Bidirectional (Inbound and Outbound)
Source IPs (Outbound): Customer Network Mobile/Desktop App Instances
Destination IPs (Outbound): Provider RTP Server IPs (listed in 3.2)
Source IPs (Inbound): Provider RTP Server IPs (listed in 3.2)
Destination IPs (Inbound): Customer Network Mobile/Desktop App Instances (typically listening on port 9998)
Additional Considerations
Stateful Firewalls: Most modern stateful firewalls will automatically permit return traffic for established sessions. Ensure any SIP Application Layer Gateway (ALG) or helper functions are configured correctly or disabled if they cause conflicts.
NAT (Network Address Translation): Ensure appropriate NAT policies (Static NAT/Port Forwarding if necessary) are in place if SIP devices reside behind a NAT device without proper NAT traversal support (e.g., STUN/TURN, configured elsewhere).
Quality of Service (QoS): Consider implementing QoS policies to prioritise SIP (TCP 5060-5061) and RTP (UDP 9998, 10000-40000) traffic to ensure optimal call quality. Most routers will have an option to enable QoS from their settings.
Please apply these configurations and verify connectivity. Contact us if you encounter any issues.