Network & Firewall Configuration Guide
This guide is designed for administrators who need to make changes to the configuration of their network to enable Vocalised services/
V1 June 25
Background
This guide details the required ports and settings to enable Vocalised-powered devices and services to successfully register, place calls, and retrieve configuration files when operating behind a customer firewall. It also includes the IP addresses and ports needed for third-party application integrations.
Firewalls
There are a wide variety of firewalls and network devices on the market. While it is not possible to cover every specific configuration, the tables below list all required ports, FQDNs, and IP ranges needed for standard functionality.
We recommend consulting your network administrator before applying these settings to avoid disrupting other services.
SIP ALG (Application Layer Gateway)
SIP ALG is a router/firewall feature designed to assist SIP traffic, but in most cases it interferes with call setup, audio quality, and device registration. It modifies SIP headers and SDP content, which can cause:
- Registration failures
- Transfer, pickup, and conference issues
- One-way or dropped audio
SIP ALG must be disabled on all devices. Consult your vendor documentation or our support portal for instructions on disabling SIP ALG.
Pre-Requisites
The following IP addresses, FQDNs, and ports must be allowed through your firewall for all Vocalised services to function properly.
General IP Addresses & Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Handset registration, device management, voice traffic, API | proxy.thevoicefactory.co.uk, access01.evolveip.uk, xsf.thevoicefactory.co.uk, xsp-dms.voip.evolveip.uk, xsf-cisco.thevoicefactory.co.uk, commpilot.voip.evolveip.uk, xsp-webex.voip.evolveip.uk, api.thevoicefactory.co.uk, ukdirectory.thevoicefactory.co.uk, goapps.thevoicefactory.co.uk, unity.thevoicefactory.co.uk, firmware.voip.evolveip.uk, edms.thevoicefactory.co.uk | 91.240.178.0 – 91.240.178.255, 2a0d:c0c0:3e1:15::1:7, 2a0d:c0c0:3e1:15::1:4 | 5060, 5062, 6050, 5061, 448, 10000–65535, 2222–2269, 2208, 2209, 8011, 8012, 443, 80, 69 | Both | UDP/TCP |
| DNS | n/a | 4.2.2.5, 198.153.192.1 | 53 | Both | UDP/TCP |
| NTP | 0.uk.pool.ntp.org | n/a | 123 | Both | UDP |
Webex IP and Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Webex Calling | access01.evolveip.uk, xsp-webex.voip.evolveip.uk, xsf.thevoicefactory.co.uk | 91.240.178.0/26, 91.240.178.233, 91.240.178.212, IPv6 ranges | 5060, 5061, 40000–65535, 443, 444, 8012 | Both | UDP/TCP |
Polycom IP and Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Zero Touch Provisioning | ztp.polycom.com, downloads.polycom.com | 52.0.183.240, 52.2.100.162, 52.21.73.34, 54.86.39.219, 54.152.105.93, 54.210.194.27, 185.59.222.184, 185.59.222.185, 185.59.222.186, 185.93.0.141, 185.93.0.155 | 80, 443 | Both | TCP |
| PDMS-SP | obitalk.com domains | various (see guide) | 443, 10000–20000, 6800, 5222, 5223, 5060, 5061 | Both | UDP/TCP |
Cisco IP and Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Device Activation & Config | webapps.cisco.com, cisco.broadcloud.eu, activate.cisco.com, software.cisco.com | 85.119.57.198, 85.119.56.198 | 80, 443 | Both | TCP |
Yealink IP and Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Redirect & Provisioning | rps.yealink.com, dm.yealink.com, api-dm.yealink.com | listed IPs | 80, 443 | Both | TCP |
Snom IP and Ports
| Service | FQDN | IP Range | Ports | Direction | Protocol |
| Redirect Server | secure-provisioning.snom.com | 52.28.89.237 | 80, 443 | Both | TCP |
Mondago / Cara / GoIntegrator (Akixi) IP and Ports
| Service | FQDN | Ports | Direction | Protocol |
| Cara / GoIntegrator | goapps.thevoicefactory.co.uk | 8011, 8012, 2209, 443 | Both | TCP |