Ports used by Wildix services

Make sure that these ports are open on your router / firewall in order to be able to access and use different Wildix services.

It is recommended to open incoming custom secure port or default 443 from outside on PBX.

Updated: April 2025

Permalink: https://wildix.atlassian.net/wiki/x/NhXOAQ

Cloud PBX

Outgoing ports:

Outgoing traffic towards Cloud PBX to the Internet is not limited: any port from 1-65536 range

Incoming ports:

TCP 80 HTTP
TCP 443 HTTPS
all types ICMP
TCP 5060-5061 SIP
UDP: 5060 SIP
UDP 10000-59999 RTP
UDP 123 NTP
TCP 5222-5223, 5269, 5280 ejabberd
TCP 7008 smsd
TCP 4222 gnats
TCP 10050 zabbix
TCP/ UDP 514 rsyslog

Access to external servers:

addons.wildix.com (also for HW / VM PBXs)

License activation / check

Access to external servers:

wmp.wildix.com, 443 (outbound, TCP)
pbx-api.wildix.com, 443 (outbound, TCP)

Authorization

Access to external servers:

configs.wildix.com, 443 (outbound, TCP)
auth.wildix.com, 443 (outbound, TCP)

Upgrade

Access to external servers:

WMS-5.04 and WMS-6.xx
- wmp.wildix.com + packages.wildix.com, 443 (outbound, TCP)
WMS-5.01-5.03
- wmp.wildix.com + aptly.wildix.com, 443 (outbound, TCP)
WMS-4.xx
- wmp.wildix.com + apt.wildix.com, 443 (outbound, TCP)

Upgrade of devices

Starting from WMS 6.05, in case of Hardware or Virtual PBX:

Access to external servers:

firmwares-cdn.wildix.com, 443 (outbound, TCP)
wps.wildix.com, 443 (outbound, TCP)

WMS network

Enable the port TCP 443 (or another custom secure port) and UDP 1194 on the side of the Server PBX

Access to WMS network nodes between PBXs.

Port:

incoming: UDP 1194

Starting from WMS v 5.03.20210826.1, the following ports must be opened for the correct work of calls between nodes: 443 (or custom secure port) + RTP ports (on SIP-RTP page).

Access to external servers:

turn.wildix.com (to find a PBX public IP address for WMS Network correct functioning)

SSL certificate renew

Access to external server:

ssl.wildix.com, 443 (outbound, TCP)

Text-to-speech

Access to external servers:

tts.wildix.com, 443 (outbound, TCP)
auth.wildix.com, 443 (outbound, TCP)

Speech-to-text

stt.wildix.com, 443 (outbound, TCP)

CDS

Access to external servers:

1) To upload files:

cds-pbx.wildix.com, 443 (outbound, TCP)
data-storage.wildix.com, 443 (outbound, TCP)

2) To display CDS usage statistics in WMS interface:

cds-console.wildix.com, 443 (outbound, TCP)

3) Other:

wildix-data-storage-af-south-1.s3.af-south-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-east-1.s3.ap-east-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-northeast-1.s3.ap-northeast-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-northeast-2.s3.ap-northeast-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-south-1.s3.ap-south-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-southeast-1.s3.ap-southeast-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ap-southeast-2.s3.ap-southeast-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-ca-central-1.s3.ca-central-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-central-1.s3.eu-central-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-central-2.s3.eu-central-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-north-1.s3.eu-north-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-south-1.s3.eu-south-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-south-2.s3.eu-south-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-west-1.s3.eu-west-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-west-2.s3.eu-west-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-eu-west-3.s3.eu-west-3.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-il-central-1.s3.il-central-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-us-east-1.s3.us-east-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-us-east-2.s3.us-east-2.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-us-west-1.s3.us-west-1.amazonaws.com, 443 (outbound, TCP)
wildix-data-storage-us-west-2.s3.us-west-2.amazonaws.com, 443 (outbound, TCP)

SIP Trunk / VoIP Provider

SIP Trunks registration

"PBX_NAME".wildixin.com, 5060 or another custom port specified in trunk settings (outbound, UDP)

CLASSOUND

Access to external servers:

operator-01-f.wildix.com 3.123.221.55
operator-02-f.wildix.com 18.158.245.207
operator-03-f.wildix.com 18.195.104.178

Port:

incoming: TCP 443, TCP 5061 or another custom secure port
RTP: e.g. UDP 10000-15000 (check SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs RTP page)

Contact lookup during incoming/outgoing CLASSOUND calls

Access to external servers:

classound-namelookup.wildix.com, 443 (outbound, TCP) - starting from WMS 6.02.20230201.1 or higher (available for the USA and Canada)

Remote Wildix IP Phones

Devices sync with portal

Access to external servers:

api.wildix.com, 443 (outbound, TCP)

Remote provisioning of devices

Incoming:

TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
UDP 5060 – TCP 5061 for SIP registration
RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999

Multicast paging uses

IP 224.0.0.1 or IP 239.1.1.10 (2N support)
Ports 9000-9009

Vision/ SuperVision

SIP: TCP 443
XMPP: TCP 443
Configuration: TCP 443

Incoming:

TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443
RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999

Access to external server for upgrade of firmware/ applications:

firmwares.wildix.com

Remote Collaboration Apps

Collaboration and Web Phone

TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs);
RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999

Access to external servers:

addons.wildix.com

Cloud-stored group chats

Access to external servers:

chats1.meet.wildix.com
chats2.meet.wildix.com

Port:

outgoing: TCP 5269
incoming: TCP 443 or another custom secure port

Geolocation services

Maps in Collaboration are available only via .*wildixin.com domain

File / image sharing

Access to external servers(both PBX and Client):

auth.wildix.com, 443 (outbound, TCP)
fs.wildix.com, 443 (outbound, TCP)

WIService

(Wildix Integration Service, used by CDR-View, Screen Sharing, Headset Integration, Fax printer, Click2call from Windows, Popup App and other Wildix applications):

Make sure that FQDN “wildixintegration.eu” is correctly resolved with the IP: 127.0.0.1 by your DNS (on the user PC or on the router side)

Cloud analytics in Collaboration and x-bees

Access to external servers:

auth.wildix.com, 443 or another custom secure port (inbound, outbound, TCP)
cognito-idp.eu-central-1.amazonaws.com, 443 or another custom secure port (inbound, outbound, TCP)
cognito-identity.eu-central-1.amazonaws.com, 443 or another custom secure port (inbound, outbound, TCP)
sts.amazonaws.com, 443 or another custom secure port (inbound, outbound, TCP)
3.65.155.111, 443 or another custom secure port (inbound, outbound, TCP)
3.65.155.145, 443 or another custom secure port (inbound, outbound, TCP)
wda.wildix.com, 443 (outbound TCP)
kinesis.eu-central-1.amazonaws.com, 443 or another custom secure port (inbound, outbound, TCP)
cognito-idp.eu-central-1.amazonaws.com/eu-central-1_4mprRMCca, 443 (outbound TCP)

WebRTC Kite service

Access to external servers:

kite.wildix.com, 443 TCP, 5061 TCP, 10000-1500 UDP (outbound)
ws2sip.wildix.com, 443 TCP or another custom secure port, 10000-15000 UDP (inbound)

iOS/Android

SIP: TCP 443
XMPP: TCP 443
Configuration: TCP 443

Incoming:

TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443 (for iOS works only with public IP)
RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999

Outgoing:

For push notifications: 443 TCP to notifications.wildix.com; PBX must be connected to the internet and be able to communicate with notifications.wildix.com server
- Android: a direct, unproxied connection to the Google Cloud Messaging server on these ports: TCP 5228; TCP 5229; TCP 5230 and TCP 443
- iOS: a direct, unproxied connection to the Apple Push Notification servers from smartphone is necessary on ports TCP 5223; TCP 2195; TCP 2196; TCP 443
Important: use a transparent port forwarding scheme between the external port on the firewall and the external custom secure port on the PBX, example: 4443 – 4443

Note: Starting from WMS 6.06.20240425.1, the service used for sending push notifications was changed from push.wildix.com to notifications.wildix.com. Make sure to use notifications.wildix.com for WMS 6.06.20240425.1 and higher.

Video Conference

WebRTC Wizyconf videoconference

Access to external servers (both on the PBX's and on the Client's side):

conference.wildix.com
conference-turn.wildix.com, 443 (outbound, TCP)
videobridge.wildix.com - no longer needed after May 31, 2021
videobridge-it.wildix.com - no longer needed after May 31, 2021
videobridge-it2.wildix.com - no longer needed after May 31, 2021
videobridge-usa.wildix.com - no longer needed after May 31, 2021
videobridge-usa2.wildix.com - no longer needed after May 31, 2021
videobridge-de.wildix.com - no longer needed after May 31, 2021

Ports to open (both on the PBX's and on the Client's side):

outgoing: TCP 443, TCP 4443, UDP 10000 (to any remote address)
Note: TCP 4443 and UDP 10000 need to be open on the Client's side only.
incoming: TCP 443 or another custom secure port (from any remote address)

For support of SIP access from the PBX, enable the rules specified in this section: WebRTC Kite service.

For file/ image sharing, enable the rules specified in this section: File / image sharing.

Screen sharing

Access to external servers (both PBX and Client):

vnc.wildix.com, 443 (outbound, TCP)
kite.wildix.com, 443 (outbound, TCP)

Screen sharing

Access to external servers (both PBX and Client):

vnc.wildix.com, 443 (outbound, TCP)
kite.wildix.com, 443 (outbound, TCP)

Other Services

SMS sending with remote GSM gateway

Open the incoming port TCP 7008 on the side of the PBX

Rsyslog

Access to external servers:

WMS 6.xx PBXs
- pbxlogging6-<minor version>.wildix.com (dynamic IP list), 20514 (outbound, TCP)
WMS 5.02+ PBXs
- pbxlogging5-<minor version>.wildix.com (dynamic IP list), 20514 (outbound, TCP)
WMS 4.0 PBXs
- pbxlogging4-<minor version>.wildix.com (dynamic IP list), 514 (outbound, UDP)

Zabbix monitoring

TCP 8099 for IP 63.32.222.64
TCP 10050 for local Zabbix

Remote support

Access to external servers:

WMS-4.xx PBXs
- vpn4.wildix.com, 443 (outbound, TCP)

x-bees

x-bees also requires the following external servers to be open on your router/ firewall:

app.x-bees.com
api.x-bees.com
login.x-bees.com
chat.wildix-chat.com
avatars.wildix.com
cognito-idp.eu-central-1.amazonaws.com
wda.wildix.com
wda-ws.wildix.com
wim.wildix.com
fs.wildix.com

Videoconference

conference-turn.wildix.com, 443 (outbound, TCP)

Transcription

transcribe.eu-central-1.amazonaws.com, 443 or another custom secure port (inbound, outbound, TCP)

Firewall Checker

Check open ports

Access to external servers:

api.wildix.com, 443 (outbound, TCP)
api.wildix.com, 443 or another custom secure port (inbound, TCP)

Check External IP

Access to external servers:

checkip.wildix.com, 80 and 443 (outbound, TCP)