SETTING UP YOUR FIREWALL FOR SIMPLEVOIP SERVICE
We are always adding servers, proxies, new ISPs, etc so individually entering server IP's to be whitelisted by your firewall manager can be problematic. Most customers don’t block outbound traffic and there'fore our phones are able to reach their necessary servers for calling as well as updates with no difficulty. However, DNS is probably the easiest to manage. We have load balancers and multiple A records, as well as DNS-SRV and NAPTR for the phones. The 3 proxies and our config server that phones reach out to are:
To be safe you really should open up *.simplevoip.us and *.s.simplevoip.us
Also - brand new (or factory reset phones) will reach out to a redirect server hosted by the manufacturer. If you plan on configuring phones locally or resetting them during troubleshooting you should allow traffic to *.yealink.com or *.panasonic.com or *.polycom.com.
If you need IPs – here are the /24 blocks you should allow:
Here is the TCP/UDP Ports used by SimpleVoIP phones across the network.
UDP 8500 – 59999 Used for RTP and Phone Signaling
Regular operation of phones:
- On their very first boot or after a factory reset, phones look for a redirect server at *.yealink.com or *.panasonic.com or *.polycom.com
- Next, they are redirected to our configuration server to download configs and firmware at https://config.simplevoip.us
- Next, they attempt to register with our SBCs at https://*.simplevoip.us