Ports and services to configure on your company firewall
The Effective date indicates the last time this article was updated. For details, see the Revision history at the bottom of this article.
On this page you’ll find detailed information on the ports and services that you’ll need to configure on your company firewall based on your product/source(client). Just locate the header pertaining to your product and expand the appropriate section. Then, where applicable, select the tab matching the service you are using. On each tab, you’ll find a table that provides the following information:
- Transport/Port (Application)
The transport protocol is a description of the type of network traffic used for the application. Most applications use either TCP or UDP as a transport, and sometimes both, which depends on how the application operates. Most applications’ protocols have standard ports selected, which are commonly used for that service on the public Internet. Genesys Cloud typically uses the standard port for each application protocol.
- Destination
The destination device is the server which is listening for “inbound” requests to the application port. Inbound requests are received from the client from its transmission port.
- Description
The description contains additional information about the connectivity requirement.
For more information, see Firewall FAQs.
General
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/53 (DNS) *
tcp/53 (DNS) * |
† | DNS provides name resolution for network connections. DNS is used by most applications, it converts names like “mypurecloud.com” to IP addresses required for connectivity. |
These settings apply to:
- Workstations / Genesys Cloud client (browser or desktop app)
- Mobile / Genesys Cloud mobile app (iOS and Android)
- VoIP phones
- Edge devices
- Bridge Servers
† Third-party service; not hosted by Genesys Cloud.
NTP provides time synchronization. Devices that use NTP will automatically set their clock from the network source and occasionally update their time for accuracy.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/123 (NTP) | time.nist.gov* |
Provides time synchronization for Edge devices and Bridge Servers. |
| us.pool.ntp.org* | Provides time synchronization for Polycom phones. |
Genesys Cloud agent desktop/browser
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection from your client (desktop, web, mobile) to the Genesys Cloud Services on the public Internet. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/3478 (STUN) udp/3478 (STUN) tcp/19302 (STUN) udp/19302 (STUN) |
Genesys Cloud, Amazon AWS Google* |
Session Traversal Utilities for NAT (STUN) is an egress connection that informs a host of its public IP address used for media-based communications. |
| udp/49152–65535 (SRTP) | Genesys Cloud, Amazon AWS | The secured transmission of streaming media (audio and video). |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection from your client (desktop, web, mobile) to the Genesys Cloud Services on the public Internet. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/5222 (XMPP) | Genesys Cloud, Amazon AWS | The secure connection from your client (desktop, web, mobile) to the Genesys Cloud Services on the public Internet. |
Bridge Server
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection from your premises Bridge Server to the Genesys Cloud Services on the public Internet. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/389 (LDAP)* tcp/636 (LDAPS)* |
Corporate Active Directory environment | The connection from your Bridge server to the corporate Active Directory environment. |
Genesys Cloud Edge
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection from your premise Edge devices (LDM) to the Genesys Cloud Services on the public Internet. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tls/8063 udp/16384-32768 (SRTP) |
Edge devices in the same Edge Group | The connection for Edges to communicate with each other. The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/5061 | Genesys Cloud, Amazon AWS | The connection for Edges to connect to the Genesys Cloud services for WebRTC softphones. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/3478 (STUN) udp/3478 (STUN) tcp/19302 (STUN) udp/19302 (STUN) |
Genesys Cloud, Amazon AWS Google* |
Session Traversal Utilities for NAT (STUN) is an egress connection that informs a host of its public IP address used for media-based communications. |
* Third-party service; not hosted by Genesys Cloud.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/16384-32768 (SRTP/TURN) |
Genesys Cloud Edge devices (premise), Genesys Cloud, and Amazon AWS |
The transmission of secured streaming media (audio). |
For more information, see Ports and services for WebRTC.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/5060 (SIP)* tcp/5060 (SIP)* tcp/5061 (SIPS) [without FENT]* |
VoIP phones | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
| vendor specified (SIP)* | Telephony SIP Provider (PSTN) † | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
* Default ranges; ports can be changed in the Genesys Cloud configuration.
† Third-party service; not hosted by Genesys Cloud.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/4000+ (RTP/SRTP)* | VoIP phones | The transmission of streaming media (audio). The connection can optionally be secured. |
| vendor specified (RTP/SRTP)* | Telephony SIP Provider (PSTN) † | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
* Default ranges; ports can be changed in the Genesys Cloud configuration.
† Third-party service; not hosted by Genesys Cloud.
Genesys Cloud Voice
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Polycom ZTP† | The secure connection an unconfigured Polycom device will make to discover its initial configuration. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/80 (HTTP) tcp/443 (HTTPS) |
Genesys Cloud Global Phone Provisioning (AWS) | The connection a phone makes for organization level configuration. The connection can optionally be secured. |
|
tcp/80(HTTP)* tcp/443 (HTTPS)* |
Genesys Cloud Edge devices | The connection a phone makes for VoIP configuration. The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/8061 (SIPS)* |
Genesys Cloud Edge devices | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/16384-32768 (RTP/SRTP) | Genesys Cloud Edge devices | The transmission of streaming media (audio). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). |
|
tcp/3478 (STUN) udp/3478 (STUN) tcp/19302 (STUN) † udp/19302 (STUN) † |
Genesys Cloud, Amazon AWS Google* |
These ports must be opened for both the client and Edges. These are used for the srflx and relay candidates. If they are closed, calls will have a high rate of failure. |
† Optional
* Third-party service; not hosted by Genesys Cloud.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/16384-32768 (SRTP/TURN) |
Genesys Cloud Edge devices, Genesys Cloud, Amazon AWS |
The transmission of secured streaming media (audio). |
For more information, see Ports and services for WebRTC.
BYOC Premises
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Polycom ZTP† | The secure connection an unconfigured Polycom device will make to discover its initial configuration. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/80 (HTTP) tcp/443 (HTTPS) |
Genesys Cloud Global Phone Provisioning (AWS) | The connection a phone makes for organization level configuration. The connection can optionally be secured. |
|
tcp/8088 (HTTP)* [legacy] tcp/8089 (HTTPS)*[legacy] tcp/80 (HTTP)* tcp/443 (HTTPS)* |
Genesys Cloud Edge devices | The connection a phone makes for VoIP configuration. The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/8060 (SIP)* tcp/8060 (SIP)* tcp/8061 (SIPS)* |
Genesys Cloud Edge devices | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/16384-32768 (RTP/SRTP) | Genesys Cloud Edge devices | The transmission of streaming media (audio). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). |
|
tcp/3478 (STUN) udp/3478 (STUN) tcp/19302 (STUN) † udp/19302 (STUN) † |
Genesys Cloud, Amazon AWS Google* |
These ports must be opened for both the client and Edges. These are used for the srflx and relay candidates. If they are closed, calls will have a high rate of failure. |
† Optional
* Third-party service; not hosted by Genesys Cloud.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/16384-32768 (SRTP/TURN) |
Genesys Cloud Edge devices, Genesys Cloud, and Amazon AWS |
The transmission of secured streaming media (audio). |
For more information, see Ports and services for WebRTC.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/5060* tcp/5060* tcp/5061* |
Edge devices (LDM/premise) | The connection for VoIP signaling (dialing, ringing, and so on for inbound and outbound calls). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/16384-32768 (RTP/SRTP) | Edge devices (LDM/premise) | The transmission of streaming media (audio). The connection can optionally be secured. |
BYOC Cloud
You will need to make sure that your carrier allows traffic from these addresses.
If you are using a 3rd-party premises-based carrier or PBX device/service, then you need to make sure that connectivity to these addresses is allowed.
us-east-1
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.mypurecloud.com | <customer prefix>.byoc.mypurecloud.com |
lb01.byoc.us-east-1.mypurecloud.com lb02.byoc.us-east-1.mypurecloud.com lb03.byoc.us-east-1.mypurecloud.com lb04.byoc.us-east-1.mypurecloud.com |
us-west-2
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| pc-voice.pure.cloud | <customer prefix>.byoc.usw2.pure.cloud |
lb01.pc-voice.usw2.pure.cloud lb02.pc-voice.usw2.pure.cloud lb03.pc-voice.usw2.pure.cloud lb04.pc-voice.usw2.pure.cloud |
ca-central-1
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.cac1.pure.cloud | <customer prefix>.byoc.cac1.pure.cloud |
lb01.byoc.cac1.pure.cloud lb02.byoc.cac1.pure.cloud lb03.byoc.cac1.pure.cloud lb04.byoc.cac1.pure.cloud |
eu-west-1
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.mypurecloud.ie | <customer prefix>.byoc.mypurecloud.ie |
lb01.byoc.eu-west-1.mypurecloud.ie lb02.byoc.eu-west-1.mypurecloud.ie lb03.byoc.eu-west-1.mypurecloud.ie lb04.byoc.eu-west-1.mypurecloud.ie |
eu-west-2
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.euw2.pure.cloud | <customer prefix>.byoc.euw2.pure.cloud |
lb01.byoc.euw2.pure.cloud lb02.byoc.euw2.pure.cloud lb03.byoc.euw2.pure.cloud lb04.byoc.euw2.pure.cloud |
eu-central-1
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.mypurecloud.de | <customer prefix>.byoc.mypurecloud.de |
lb01.byoc.eu-central-1.mypurecloud.de lb02.byoc.eu-central-1.mypurecloud.de lb03.byoc.eu-central-1.mypurecloud.de lb04.byoc.eu-central-1.mypurecloud.de |
ap-northeast-1
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.mypurecloud.jp | <customer prefix>.byoc.mypurecloud.jp |
lb01.byoc.ap-northeast-1.mypurecloud.jp lb02.byoc.ap-northeast-1.mypurecloud.jp lb03.byoc.ap-northeast-1.mypurecloud.jp lb04.byoc.ap-northeast-1.mypurecloud.jp |
ap-northeast-2
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.apne2.pure.cloud | <customer prefix>.byoc.apne2.pure.cloud |
lb01.byoc.apne2.pure.cloud lb02.byoc.apne2.pure.cloud lb03.byoc.apne2.pure.cloud lb04.byoc.apne2.pure.cloud |
ap-southeast-2
| Domain | DNS SRV and SIP FQDN | Server DNS (If SRV not supported) |
|---|---|---|
| byoc.mypurecloud.au | <customer prefix>.byoc.mypurecloud.au |
lb01.byoc.ap-southeast-2.mypurecloud.com.au lb02.byoc.ap-southeast-2.mypurecloud.com.au lb03.byoc.ap-southeast-2.mypurecloud.com.au lb04.byoc.ap-southeast-2.mypurecloud.com.au |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Polycom ZTP† | The secure connection an unconfigured Polycom device will make to discover its initial configuration. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/80 (HTTP) tcp/443 (HTTPS) |
Genesys Cloud Global Phone Provisioning (AWS) | The connection a phone makes for organization level configuration. The connection can optionally be secured. |
|
tcp/80(HTTP)* tcp/443 (HTTPS)* |
Genesys Cloud Edge devices | The connection a phone makes for VoIP configuration. The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
tcp/8061 (SIPS)* |
Genesys Cloud Edge devices | The connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| udp/16384-32768 (RTP/SRTP) | Genesys Cloud Edge devices | The transmission of streaming media (audio). The connection can optionally be secured. |
| Transport/Port (Application) | Destination | Description |
|---|---|---|
| tcp/443 (HTTPS) | Genesys Cloud, Amazon AWS | The secure connection for VoIP signaling (dialing, ringing, etc. for inbound and outbound calls). |
|
tcp/3478 (STUN) udp/3478 (STUN) tcp/19302 (STUN) † udp/19302 (STUN) † |
Genesys Cloud, Amazon AWS Google* |
These ports must be opened for both the client and Edges. These are used for the srflx and relay candidates. If they are closed, calls will have a high rate of failure. |
† Optional
* Third-party service; not hosted by Genesys Cloud.
| Transport/Port (Application) | Destination | Description |
|---|---|---|
|
udp/16384-32768 (SRTP/TURN) |
Genesys Cloud Edge devices, Genesys Cloud, Amazon AWS |
The transmission of secured streaming media (audio). |
For more information, see Ports and services for WebRTC.
Domains and IP Addresses
Those domains in this list that specifically apply to your network configuration should be added to your allowlist or approved for authorized access. For more information, see the appropriate Description section in this table.
| Owner | Domain | Region | Description |
|---|---|---|---|
| Genesys Cloud | |||
|
*.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud |
North America United States
Canada |
Provides the Genesys Cloud interface for users and admins; domains are region-specific and each Genesys Cloud organization exists within only one region. Entities with multiple organizations may be deployed in various regions. | |
|
*.mypurecloud.com.au *.mypurecloud.jp *.apne2.pure.cloud |
Asia Pacific Sydney Tokyo Seoul |
||
|
*.mypurecloud.ie *.mypurecloud.de *.euw2.pure.cloud |
EMEA Ireland Frankfort London |
||
| *.ininpcv.com | North America | Provides voice and configuration services for Genesys Cloud Voice phones. (Genesys Cloud Voice customers only). This domain is legacy and not used for new customers. | |
| help.mypurecloud.com | All |
Provides access to the Genesys Cloud Resource Center for product documentation. Optional‡ |
|
|
announcement. |
All |
Provides access to in-app announcements about new features. Optional‡ |
|
|
sdk-cdn.mypurecloud.com |
All |
Provides access to the Developer Center for software development kits. Optional‡ |
|
|
appfoundry.genesys.com |
All |
Provides access to the AppFoundry for application and integration solutions. Optional‡ |
|
| Amazon AWS† | *.cloudfront.net | All | Provides static content for Genesys Cloud applications. |
|
*.s3.amazonaws.com *.s3-{region}.amazonaws.com where {region} is the domain for your particular region. |
All | Provides S3 download links. | |
| Google† | *.googleapis.com | All | Provides cascading style sheet (CSS) and font information. |
| *.gstatic.com | All | Provides static content, mainly images. | |
| *.l.google.com | All | Provides STUN services for Edge devices, VoIP phones, WebRTC softphones, and Collaborate multimedia. | |
| dns.google | All | The Edge tests for internet connectivity by pinging 8.8.8.8. (This is the IP address of dns.google.) | |
| New Relic† | *.js-agent.newrelic.com | All | Requests made by client-side New Relic analytics browser applications. |
| *.bam.nr-data.net | All | Requests made by client-side New Relic analytics browser applications. | |
| National Institute of Standards and Technology (NIST)† |
time.nist.gov |
All (The global address time.nist.gov is resolved to all of the appropriate server addresses.) | The NIST servers listen for an NTP request on port 123, and respond by sending a udp/ip data packet in the NTP format. The data packet includes a 64-bit timestamp. |
| Polycom† | *.ztp.polycom.com | All | Provides zero-touch phone provisioning for Polycom VoIP phones. |
† Third-party service; not hosted by Genesys Cloud.
‡ These domains are optional. Having access to these domains may help customers access documentation, announcements, software development kits, or AppFoundry solutions but they aren’t required. You can block these domains without affecting the overall functioning of Genesys Cloud.
An asterisk (*) prefix indicates that services may exist in one or more subdomains of the defined domain.
Genesys Cloud is deployed in a public cloud environment where IP addresses are expected to change. The IP addresses used by Genesys Cloud are provided by our vendor from their public IP pool, which contains many IP addresses used by many other organizations. All client connections (including BYOC Premises Edges, WebRTC Clients, and hard phones for BYOC Cloud and PCV customers) to Genesys Cloud are initiated as outbound connections to Genesys Cloud cloud services. When network access restrictions are used, such as a firewall, Genesys Cloud recommends allowing client outbound access on the specified ports to any IP destination.
For more information on IP addresses and ports, see the following FAQs:
- Why do we need to allow so many Amazon/AWS IP addresses?
- Why does Genesys Cloud require that I have so many open ports on my firewall?
Genesys Cloud also uses certain IP addresses for outbound data action traffic and outbound SMTP traffic to customer endpoints. You can add these IP addresses to your allowlist to prevent unauthorized access to your API resources. To retrieve a list of these IP addresses, call GET /api/v2/ipranges.
The table below lists each vendor and, where available, provides a list of potential IP addresses its services use.
| Owner | Services | IP addresses | Description |
|---|---|---|---|
| Amazon AWS | Genesys Cloud Amazon AWS (CloudFront, S3, and others) |
https://ip-ranges.amazonaws.com/ip-ranges.json |
Amazon AWS utilizes a large set of IP address ranges. Services deployed in AWS can use any of these addresses, and addresses are subject to change frequently. Amazon provides and maintains a list of available IP addresses, which is subject to change. To ensure that you are aware of the most recent changes in the Amazon AWS IP address JSON file, Genesys recommends that customers subscribe to AWS IP address range notifications. For more information on the JSON file and the notification system, see AWS IP address ranges. You can limit the range of IP addresses from AWS that you place in your allowlist by limiting the AWS range to only the regional subsets that correspond to your deployed Genesys Cloud region. |
| Google does not provide a list of potential IP addresses its services use. | |||
| New Relic | NewRelic provides IP and domain details here: https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks | ||
| Polycom | Polycom does not provide a list of potential IP addresses its services use. | ||
Note: Genesys Cloud does not own any of the IP addresses it uses, rather all addresses come from third-party service provider IP pools. The availability of potential IP address lists depends on each provider providing those IP addresses. IP lists that are provided do not only list IP in use by Genesys Cloud, but will include IP addresses used by other non-Genesys Cloud services.
Genesys Cloud strongly recommends that the Edges sit behind a NAT that follows the Internet best current practice for UDP as defined in RFC4787. Genesys Cloud requires the NAT to provide “endpoint-independent mapping” behavior. If both peers of a WebRTC media session sit behind NATs that do not provide endpoint-independent mapping behavior, the media traffic often requires a relay through a TURN server. Relay through a TURN server results in increased latency and impairs the WebRTC user experience.
Revision history
|
Date |
Revision |
|---|---|
| November 4, 2020 |
Fixed a typo in the Amazon AWS row of the Domains table in the Domains and IP Addresses section. Domain was incorrectly entered as *.s3.{region}.amazonaws.com when it should be *.s3-{region}.amazonaws.com. Replaced the “.” after s3 with a “-” to correctly identify the domain. |
| August 12, 2020 |
Added information about retrieving IP addresses for outbound SMTP traffic to the Domains and IP Addresses > IP addresses section. |
| August 5, 2020 |
Replaced non-inclusive terms/terminology. Added information about limiting the range of IP addresses from AWS using an allowlist to the Amazon AWS Description column in the Domains and IP Addresses > IP addresses section. |
| July 8, 2020 |
Changed the port requirement from tcp/5060-5061 to tcp/5061 in the table that appears in the Genesys Cloud Edge > Edge Devices > WebRTC > WebRTC Cloud Services section. |
| June 24, 2020 |
To provide more detailed information on the reasons for allowing access to so many IP addresses and ports on the firewall, added links to pertinent FAQs in the Domains and IP Addresses > IP addresses section. Added information and links pertaining to Amazon’s IP address JSON file and AWS IP address ranges notification system to the vendor table in the Domains and IP Addresses > IP addresses section. |
| June 3, 2020
|
Added details about the new AWS regions (Canada, London, and Seoul) to the Domains table in the Domains and IP Addresses section Added details about the new AWS regions (Canada, London, and Seoul) to the Premises-based device/service table in the BYOC Cloud section. |
|
May 15, 2020 |
Added the following domains to the Domains table in the Domains and IP Addresses section:
These domains are not new, but haven’t been previously listed in the Domains table. These domains are optional. Having access to these domains may help customers access documentation, announcements, software development kits, or AppFoundry solutions but they aren’t required. You can block these domains without affecting the overall functioning of Genesys Cloud. |
|
April 7, 2020 |
Under the Genesys Cloud Edge section (Genesys Cloud Edge > Edge devices > WebRTC > WebRTC Station Trunk) the following transport/ports were incorrectly identified as being optional:
It is NOT optional for Edges using WebRTC to use tcp/udp 19302 to access Google’s STUN servers to get external IP addresses It IS optional for WebRTC clients to use tcp/udp 19302 to access Google’s STUN servers to get external IP addresses. |
|
March 18, 2020 |
Added dns.google to the Domains and IP Addresses > Domains table |
| February 20, 2020 |
Added udp/16384-32768 (SRTP) to the Genesys Cloud Edge > Edge devices > Intra-Edge Group Communications table. |
| February 3, 2020 |
Added the VoIP Phones and WebRTC Phones (browser or desktop app) sections to the BYOC Cloud section. (These two sections previously only existed in the Genesys Cloud Voice and BYOC Premises sections. This update consisted strictly of copying those sections – no changes were made to the content.) |
|
October 16, 2019 |
Added information about retrieving IP addresses for outbound data action traffic to the Domains and IP Addresses > IP addresses section. |
|
April 26, 2019 |
Identified the WebRTC STUN ports as optional for WebRTC clients:
|
|
March 22, 2019 |
Removed reference to Google Analytics from the Domains and IP Addresses section.. Genesys Cloud no longer uses Google Analytics. |
|
February 27, 2019 |
Starting May 31, 2019, Genesys Cloud’s TURN servers will stop allowing connections outside of the 16834–32768 port range. For more information, see Deprecation: TURN port range. |
|
November 21, 2018 |
Removed Pendo references from the Domains and IP Addresses section. Genesys Cloud no longer supports Pendo. |
|
October 31, 2018 |
Added links to the Ports and services for WebRTC article to the following sections: Genesys Cloud Edge>Edge Devices>WebRTC Genesys Cloud Voice>WebRTC Phones BYOC Premises>WebRTC Phones |
|
August 24, 2018 |
Added region directive to the Domains and IP Addresses>Domains section in the Amazon AWS row to specify that regional domain names are now needed to provide the S3 download links. *.s3.{region}.amazonaws.com where {region} is the domain for your particular region. |
|
July 12, 2018 |
Added *.mypurecloud.de to the Domains and IP Addresses>Domains section to reflect that we have a new region in Europe: eu-central-1. |
|
June 26, 2018 |
Reworded the Description of *.cloudfront.net under the Domains and IP Addresses>Domains section to indicate that this domain covers a host of Genesys Cloud applications. For example, in addition to the Genesys Cloud user interface, it covers client integrations, such as Genesys Cloud for Salesforce, and plugins, such as co-browse. |
|
June 25, 2018 |
Added Transport/Port/Application information to the Genesys Cloud Voice>WebRTC Phones>WebRTC Signaling and |
|
April 2, 2018 |
Reorganized the layout of the article using new headings and expandable sections containing information broken out in tabs to make is easier to find the configuration details required for particular configuration. The reorganization also allowed the incorporation of new content from the addition of BYOC. See About BYOC. |
|
January 8, 2018 |
Added Co-browse to the table in the Chat and Video section. |
|
May 30, 2017 |
In the Destination column, changed Genesys Cloud (AWS) to Genesys Cloud, Amazon AWS to illustrate we connect to Genesys Cloud and Amazon AWS owned domains and Amazon AWS owned IP addresses. |
|
May 3, 2017 |
Added firewall firewalls firewall firewalls firewall port port port for search results |
|
March 9, 2017 |
Added NIST server address info to Core Services and Domain and IP Addresses sections. |
|
January 31, 2017 |
Complete redo of page based on feedback from development. |
|
December 21, 2016 |
Deleted tables that listed the exact IP addresses. |
|
December 16, 2016 |
The port for Network Time Protocol (NTP) changed to time.nist.gov. |
|
December 19, 2016 |
Edge group communication port 8062 and 8063 added to Telephony table. |
|
November 30, 2016 |
Added note to Domains and IP Addresses section. |
|
November 21, 2016 |
Added ztp.polycom.com to Domains and IP addresses table. |
|
November 17, 2016 |
Added specific IP addresses to WebRTC services table. |
|
November 16, 2016 |
Added specific IP addresses to Collaboration services table. |
|
November 15, 2016 |
Added Note about ports open for both Edge and agent networks to WebRTC table. Added WebSocket info to Collaboration services table. |
|
November 10, 2016 |
Added Specific IP addresses used by Telephony services table to Telephony services section. |
|
October 31, 2016 |
Added New Relics info to Domains and IP addresses table |
|
October 25, 2016 |
Added port 123 for NTP server to the Telephony services table |
|
October 24, 2016 |
Added IP address 8.8.8.8 to Domains and IP addresses table |
|
October 20, 2016 |
Added DNS port 53 to multiple tables |
|
October 19, 2016 |
Added Revision history table |