Vidyo Firewall Ports for On-Premises Deployments
For more information, refer to Appendix A. Firewall and Network Address Translations (NAT) deployments in the VidyoPortal and VidyoRouter Administrator Guide.
VidyoDesktop, VidyoMobile, VidyoConnect, VidyoConnect for Mobile and VidyoRoom Requirements
To register to the VidyoPortal and place calls, the client side connection must be open to the VidyoPortal on these TCP and UDP ports:
| VidyoDesktop and VidyoRoom Connectivity to VidyoPortal and VidyoRouter | ||
| TCP Port 80 | HTTP - Outbound to VidyoPortal | Client to VidyoPortal authentication and GUI |
| TCP Port 443 | TCP - Outbound to VidyoProxy (running on a VidyoRouter - optional) | Optional for TCP signaling and media proxy connections from endpoints |
| TCP Port 8443 | HTTPS - Outbound to VidyoRouter (optional) | Optional for SSL connection to VidyoRouter Configuration Pages |
| TCP Port 443 | HTTPS - Outbound to VidyoPortal (optional) | Optional for SSL connection to VidyoPortal |
| TCP Port 17992 |
EMCP - Outbound to VidyoPortal |
Client connection to VidyoManager |
|
SCIP - Outbound to VidyoPortal/VidyoRouter Note: If you are using a VidyoRouter, the VidyoPortal does not apply. |
Client connection to VidyoRouter | |
| UDP Ports 50,000 - 65,535 | RTP, sRTP, RTCP - Bi-Directional to and from the VidyoRouter | Audio and Video Media from participants (6 ports per participant). RTP and RTCP pair for each audio, video, and data collaboration stream. |
| UDP Timeout | General Comment | Change from Default (0:02:00 - 2 minutes) to something larger (for example, 3:00:00 - 3 hours) to avoid call timeouts |
Some Firewalls have a UDP default timeout. On the Cisco PIX Firewall, for example, if the UDP timeout is not changed, then the call drops in exactly two minutes and the Vidyo client or clients must reconnect.
Many newer consumer home firewalls have SPI (Stateful Packet Inspection) active by default. This may need to be disabled for better performance.
For Vidyo clients, who are behind restricted firewalls where the ports above cannot be opened, Vidyo provides the VidyoProxy to address these users. For more information, see Appendix B. VidyoProxy.
When using VidyoReplay and generating webcast links, the system resolves the VidyoReplay URL using DNS settings and establishes a connection on port 80 or 443 (depending on whether or not you have VidyoReplay security enabled). Therefore, port 80 or 443 must be opened on your network so your webcast links will work properly. For more information, see Configuring Conference Settings, and refer to the VidyoReplay Administrator Guide.
Vidyo Server Requirements
To enable remote management access to the Vidyo servers, the following TCP and UDP ports need to be opened through any server-side firewall or NAT:
| Management Access to VidyoPortal, VidyoRouter, VidyoGateway, and VidyoReplay | ||
| TCP Port 80 | HTTP - Inbound to Server | Web Access to VidyoPortal and VidyoRouter |
| TCP Port 443 | HTTPS - Inbound to Server (optional) | Secure Web Access to VidyoPortal and VidyoRouter |
| TCP Port 22/2222 | SSH - Inbound to Server | SSH access to the VidyoPortal and VidyoRouter |
The following services outline the ports required for Router Pools cascading.
| Router Pools Connectivity to VidyoPortal and VidyoRouter to VidyoRouter | ||
| TCP Port 80 | HTTP - Router to VidyoPortal | Client to VidyoPortal authentication and GUI |
| TCP Port 443 | HTTPS - Router to VidyoPortal (optional) | Optional for SSL connection to VidyoPortal |
| UDP Port 443 | DTLS from Endpoint to VidyoRouter | DTLS signaling for media |
| TCP Port 17991 | RMCP - Router to VidyoPortal | Router connection to VidyoManager |
| TCP Port 17990 | SCIP - Bi-Directional to and from VidyoRouters | Signaling connections between VidyoRouters |
| UDP Ports 50,000 - 65,535 | RTP, sRTP, RTCP - Bi-Directional to and from VidyoRouters |
Audio and Video Media from participants (6 ports per participant) RTP and RTCP pair for each audio, video, and data collaboration stream |
The following services are optional on the VidyoPortal, VidyoRouter and VidyoGateway, and require the following TCP and UDP ports if they are used:
| Other Services on VidyoPortal, VidyoRouter, and VidyoGateway | ||
| UDP Port 123 | NTP - Outbound from Server | Network Time Protocol |
| TCP Port 25 | SMTP - Outbound from Server | Email notifications for new user accounts, lost passwords, and licensing notifications. VidyoPortal only |
| TCP Port 3306 | MySQL - Inbound to Server | Call Detail Record (CDR) access for billing systems. VidyoPortal only |
| TCP Port 389 | LDAP - Outbound from Server | Optional authentication to LDAP and Active Directory |
| TCP Port 636 | LDAPS - Outbound from Server | Secure LDAP. Optional authentication to LDAP and Active Directory |
| UDP Port 161 - 162 | SNMP - Inbound to Server | Basic SNMP functions |
| TCP and UDP 3478 | STUN - Bi-directional to and from Server | Optional, only if using STUN for NAT traversal |
Remote Support Update
Enghouse Vidyo NJ Office IPs (Current and New)
The following table lists the current and new Enghouse Vidyo NJ Office IPs. All inbound management rules should be limited to these IPs.
| NJ Office IP Addresses | ||
| IP Address | New or Current | Important Notes |
| 77.67.3.130 | New (Effective immediately) | Add this new IP address before 9/30/2019 in order for Enghouse Vidyo to continue providing remote support assistance for on-premises and hybrid customers. |
| 160.79.220.2 | Current | Please keep this IP address for now; however, it may deprecate in the near future. More information is forthcoming. |
| 198.16.25.254 | Current | Note: This IP address was previously incorrectly written as 198.16.25.241. Please make sure to update to the current and correct IP address: 198.16.25.254. |