FAQs: Firewall

Can I configure SSL inspection on a proxy server firewall that sits between an on-premises Edge and Genesys Cloud?

No. The Edge will not allow another device to intercept traffic. The… [More]

Can I configure SSL inspection on a proxy server firewall that sits between client workstation and Genesys Cloud?

Yes, but Genesys Cloud currently only supports this configuration on HTTPS over… [More]

Can we call a web service running on a port other than 443?

No. For PCI compliance, the service that executes web services data actions… [More]

Does Genesys Cloud require any ports to be open for inbound access?

No. Genesys Cloud does not require any ports to be open for… [More]

Does port 19302 for Google’s STUN need to be open?

Yes and No. Yes, Genesys recommends that port 19302 be open for… [More]

My firewall can’t do JSON updates or DNS lookups, what can I do?

You have two options. You can simply open the required ports, which… [More]

My firewall/security device is performing a reverse lookup of addresses already resolved by the Edge when making WebRTC calls, is this a supported configuration?

Yes. WebRTC can support this type of configuration, but it is not… [More]

What happens if I don’t update my firewall with new entries in the AWS JSON file? Will we lose connectivity?

Yes, you could very well lose connectivity. The problem with not updating… [More]

What happens if I only add some of required public SIP IP addresses for BYOC Cloud to my allowlist?

The BYOC Cloud public SIP IP addresses article specifies that you must… [More]

What ports does screen recording require?

Genesys Cloud uses a range of ports for the secure transmission of… [More]

When troubleshooting firewall issues, why do I see names like 1e100.net when doing a reverse lookup on addresses resolved from *.l.google.com?

The name 1e100.net is a valid Google domain name and identifies its… [More]

Why do we need to allow so many Amazon/AWS IP addresses?

Amazon/AWS sets aside a pool of public IP addresses for each region… [More]

Why does Genesys Cloud require that I have so many open ports on my firewall?

It is important to keep in mind that the majority of these… [More]

Why does Genesys Cloud suggest that port 80 be open?

Genesys Cloud suggests leaving port 80 open to facilitate misconfigured redirects to… [More]

Why does the port range 16384-32767 (RTP media) need to be opened up for Genesys Cloud Voice/BYOC Cloud?

This port range only needs to be opened for outbound connections. Genesys… [More]

Why does the Session Description Protocol provide media IP addresses which are different from the signaling IP addresses?

Call signaling and media are handled by separate services for resiliency and… [More]

Why is the Edge attempting to make WebRTC connections on a port number outside of the 16384-32768 port range?

While Genesys Cloud configures the Edge to work within the 16384-32768 port… [More]