Ports used by Wildix services

Cloud PBX

Outgoing ports:

• Outgoing traffic towards Cloud PBX to the Internet is not limited: any port from 1-65536 range

Incoming ports:

• TCP 80 HTTP
• TCP 443 HTTPS
• all types ICMP
• TCP 5060-5061 SIP
• UDP: 5060 SIP
• UDP 10000-59999 RTP
• UDP 123 NTP
• TCP 5222-5223, 5269, 5280 ejabberd
• TCP 7008 smsd
• TCP/ UDP 3478 turn
• TCP 4222 gnats
• TCP 10050 zabbix
• TCP/ UDP 514 rsyslog

Virtualization

• Same requirements as for HW PBXs (see further sections for details)

License activation / check

Access to external servers:

• wmp.wildix.com
• pbx-api.wildix.com

Port:

• outgoing TCP 443

Upgrade

Access to external servers:

• wmp.wildix.com + packages.wildix.com - used by WMS-5.04 and WMS-6.xx
• wmp.wildix.com + aptly.wildix.com - used by WMS-5.01-5.03 
• wmp.wildix.com + apt.wildix.com - used by WMS-4.xx

Port:

• outgoing TCP 443

Remote support 

Access to external servers:

• vpn4.wildix.com - used by WMS-4.xx PBXs

Port:

• outgoing TCP 443

Rsyslog

Access to external servers:

• pbxlogging6-<minor version>.wildix.com (dynamic IP list) - used by WMS 6.xx PBXs
• pbxlogging5-<minor version>.wildix.com (dynamic IP list) - used by WMS 5.02+ PBXs
• pbxlogging4-<minor version>.wildix.com - used by WMS 4.0 PBXs

Port:

• outgoing: UDP 514 - prior to WMS 5.02
• outgoing: TCP 20514 - starting from WMS 5.02

SIP Trunks registration

Outgoing:

• UDP 5060 or another custom port specified in trunk settings

Devices sync with portal

Access to external servers:

• api.wildix.com

Port:

• outgoing: TCP 443

Remote provisioning of devices

Incoming:

• TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
• UDP 5060 – TCP 5061 for SIP registration
• RTP:
  • VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
  • Cloud PBX: UDP 10000-59999 

Check open ports

Access to external servers:

• api.wildix.com

Port:

• outgoing: TCP 443
• incoming: TCP 443 or another custom secure port

Check External IP

Access to external servers:

• checkip.wildix.com

Port:

• outgoing: TCP 443, TCP 80

WMS network

• Enable the port TCP 443 (or another custom secure port) and UDP 1194 on the side of the Server PBX

Access to WMS network nodes between PBXs.

Port:

• incoming: UDP 1194

Access to external servers:

• turn.wildix.com (to find a PBX public IP address for WMS Network correct functioning) 

Multicast paging uses

• IP 224.0.0.1 or IP 239.1.1.10 (2N support)
• Ports 9000-9009

SMS sending with remote GSM gateway

• Open the incoming port TCP 7008 on the side of the PBX

WIService 

(Wildix Integration Service, used by CDR-View, Screen Sharing, Headset Integration, Fax printer, Click2call from Windows, Popup App and other Wildix applications):

• Make sure that FQDN “wildixintegration.eu” is correctly resolved with the IP: 127.0.0.1 by your DNS (on the user PC or on the router side)

Contact lookup during incoming/outgoing CLASSOUND calls 

Access to external servers:

• classound-namelookup.wildix.com - starting from WMS 6.02.20230201.1 and available for the USA and Canada

Port:

• outgoing: TCP 443

Collaboration and Web Phone

• TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs);
• RTP:
  • VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
  • Cloud PBX: UDP 10000-59999 

Access to external servers:

• addons.wildix.com

Cloud analytics in Collaboration

Access to external servers:

• Auth.wildix.com
• 3.65.155.111
• 3.65.155.145

Cloud-stored group chats 

Access to external servers:

• chats1.meet.wildix.com
• chats2.meet.wildix.com 

Port:

• outgoing: TCP 5269
• incoming: TCP 443 or another custom secure port

Geolocation services

• Maps in Collaboration are available only via .*wildixin.com domain

File / image sharing

Access to external servers(both PBX and Client):

• Auth.wildix.com
• fs.wildix.com

Port:

• outgoing: TCP 443

Screen sharing

Access to external servers (both PBX and Client):

• vnc.wildix.com
• kite.wildix.com

Port:

• outgoing: TCP 443

iOS/Android

• SIP:  TCP 443 
• XMPP: TCP 443 
• Configuration: TCP 443 

Incoming:

• TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
• Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443 (for iOS works only with public IP)
• RTP:
  • VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
  • Cloud PBX: UDP 10000-59999 

Outgoing:

• For push notifications: 443 TCP to push.wildix.com; PBX must be connected to the internet and be able to communicate with push.wildix.com server
  • Android: a direct, unproxied connection to the Google Cloud Messaging server on these ports: TCP 5228; TCP 5229; TCP 5230 and TCP 443
  • iOS: a direct, unproxied connection to the Apple Push Notification servers from smartphone is necessary on ports TCP 5223; TCP 2195; TCP 2196; TCP 443
• Important: use a transparent port forwarding scheme between the external port on the firewall and the external custom secure port on the PBX, example: 4443 – 4443

Vision/ SuperVision

• SIP: TCP 443
• XMPP: TCP 443
• Configuration: TCP 443 

Incoming:

• TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
• Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443
• RTP:
  • VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
  • Cloud PBX: UDP 10000-59999
    

Access to external server for upgrade of firmware/ applications:

•  firmwares.wildix.com

WebRTC Kite service

Access to external servers:

• kite.wildix.com
• ws2sip.wildix.com

Port:

• outgoing: TCP 443, TCP 5061, UDP 10000-15000
• incoming: TCP 443 or another custom secure port, UDP 10000-15000

WebRTC Wizyconf videoconference

Access to external servers (both on the PBX's and on the Client's side):

• conference.wildix.com
• videobridge.wildix.com - no longer needed after May 31, 2021
• videobridge-it.wildix.com - no longer needed after May 31, 2021
• videobridge-it2.wildix.com - no longer needed after May 31, 2021
• videobridge-usa.wildix.com - no longer needed after May 31, 2021
• videobridge-usa2.wildix.com - no longer needed after May 31, 2021
• videobridge-de.wildix.com - no longer needed after May 31, 2021

Ports to open (both on the PBX's and on the Client's side):

• outgoing: TCP 443, TCP 4443, UDP 10000 (to any remote address)
  Note: TCP 4443 and UDP 10000 need to be open on the Client's side only.
  
• incoming: TCP 443 or another custom secure port (from any remote address)

For support of SIP access from the PBX, enable the rules specified in this section: WebRTC Kite service.

For file/ image sharing, enable the rules specified in this section: File / image sharing.

Text-to-speech

Access to external servers:

• tts.wildix.com

Port:

• outgoing: TCP 443

Zabbix monitoring

• TCP 8099 for IP 63.32.222.64
• TCP 10050 for local Zabbix

SSL certificate renew

Access to external server: 

• ssl.wildix.com
  

Port:

• outgoing: TCP 443 

CLASSOUND

Access to external servers:

• operator-01-f.wildix.com
• operator-02-f.wildix.com

Port:

• incoming: TCP 443, TCP 5061 or another custom secure port
• RTP: e.g. UDP 10000-15000 (check SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs RTP page)