Ports used by Wildix services

Make sure that these ports are open on your router / firewall in order to be able to access and use different Wildix services.

It is recommended to open incoming custom secure port or default 443 from outside on PBX.

Created: June 2018

Updated: August 2025

Permalink: https://wildix.atlassian.net/wiki/x/NhXOAQ

CDS

Access to external servers:

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
To upload files	TCP	443, outbound	cds-pbx.wildix.com data-storage.wildix.com
To display CDS usage statistics in WMS interface	TCP	443, outbound	cds-console.wildix.com
Other	TCP	443 or another custom secure port, inbound, outbound	auth.wildix.com 3.65.155.111 3.65.155.145 3.123.63.95, 443 or another custom secure port
	TCP	443 or another custom secure port, outbound	35.158.75.80 3.125.194.126 52.57.202.156
	TCP	443, outbound	wildix-data-storage-af-south-1.s3.af-south-1.amazonaws.com wildix-data-storage-ap-east-1.s3.ap-east-1.amazonaws.com wildix-data-storage-ap-northeast-1.s3.ap-northeast-1.amazonaws.com wildix-data-storage-ap-northeast-2.s3.ap-northeast-2.amazonaws.com wildix-data-storage-ap-south-1.s3.ap-south-1.amazonaws.com wildix-data-storage-ap-southeast-1.s3.ap-southeast-1.amazonaws.com wildix-data-storage-ap-southeast-2.s3.ap-southeast-2.amazonaws.com wildix-data-storage-ca-central-1.s3.ca-central-1.amazonaws.com wildix-data-storage-eu-central-1.s3.eu-central-1.amazonaws.com wildix-data-storage-eu-central-2.s3.eu-central-2.amazonaws.com wildix-data-storage-eu-north-1.s3.eu-north-1.amazonaws.com wildix-data-storage-eu-south-1.s3.eu-south-1.amazonaws.com wildix-data-storage-eu-south-2.s3.eu-south-2.amazonaws.com wildix-data-storage-eu-west-1.s3.eu-west-1.amazonaws.com wildix-data-storage-eu-west-2.s3.eu-west-2.amazonaws.com wildix-data-storage-eu-west-3.s3.eu-west-3.amazonaws.com wildix-data-storage-il-central-1.s3.il-central-1.amazonaws.com wildix-data-storage-us-east-1.s3.us-east-1.amazonaws.com wildix-data-storage-us-east-2.s3.us-east-2.amazonaws.com wildix-data-storage-us-west-1.s3.us-west-1.amazonaws.com wildix-data-storage-us-west-2.s3.us-west-2.amazonaws.com

Cloud analytics in Collaboration and x-bees

Access to external servers:

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
Cloud analytics (CDR-View 2.0)	TCP	443 or another custom secure port, inbound, outbound	auth.wildix.com cognito-idp.eu-central-1.amazonaws.com cognito-identity.eu-central-1.amazonaws.com sts.amazonaws.com 3.65.155.111 3.65.155.145 kinesis.eu-central-1.amazonaws.com wam.wildix.com
Cloud analytics (CDR-View 2.0)	TCP	443, outbound	wda.wildix.com cognito-idp.eu-central-1.amazonaws.com/eu-central-1_4mprRMCca

Cloud PBX

Outgoing ports:

Outgoing traffic towards Cloud PBX to the Internet is not limited: any port from 1-65536 range

Incoming ports:

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
Cloud PBX	TCP	80 HTTP 443 HTTPS all types ICMP 5060-5061 SIP 5222-5223, 5269, 5280 ejabberd 7008 smsd 4222 gnats 10050 zabbix 514 rsyslog
	UDP	5060 SIP 10000-59999 RTP 123 NTP 514 rsyslog
Access to external servers			addons.wildix.com (also for HW / VM PBXs)

Also, give access to the following external servers:

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
License activation / check	TCP	443, outbound	wmp.wildix.com pbx-api.wildix.com
Authorization	TCP	443, outbound	configs.wildix.com auth.wildix.com
Upgrade	TCP	443, outbound	WMS-5.04, WMS-6.xx and WMS-7.xx: wmp.wildix.com + packages.wildix.com WMS-5.01-5.03: wmp.wildix.com + aptly.wildix.com WMS-4.xx: wmp.wildix.com + apt.wildix.com
Upgrade of devices (starting from WMS 6.05, in case of Hardware or Virtual PBX)	TCP	443, outbound	firmwares-cdn.wildix.com wps.wildix.com
SSL certificate renew	TCP	443, outbound	ssl.wildix.com
Text-to-speech	TCP	443, outbound	tts.wildix.com auth.wildix.com
Speech-to-text	TCP	443, outbound	stt.wildix.com

Firewall Checker

Access to external servers:

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
Check open ports	TCP	443, outbound	api.wildix.com
Check open ports	TCP	443 or another custom secure port, inbound	api.wildix.com
Check External IP	TCP	80 and 443, outbound	checkip.wildix.com

NAT IP List

Access to the following NAT IPs should be allowed:

Service / Purpose	Protocol	Port	NAT IP

Service / Purpose	Protocol	Port	NAT IP
WIM	TCP	443 or another secure port, outbound	3.70.35.54 18.156.115.202 3.70.163.200
x-bees	TCP	443 or another secure port, outbound	18.157.166.13 3.64.177.85 3.67.254.94
x-hoppers	TCP	443 or another secure port, outbound	18.153.143.38 18.194.77.233 18.153.158.217

Remote Collaboration Apps

Service / Purpose	Protocol	Port	Destination

Service / Purpose	Protocol	Port	Destination
Collaboration and Web Phone	TCP	443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs), outbound	addons.wildix.com
Collaboration and Web Phone	UDP	VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details) Cloud PBX: UDP 10000-59999	addons.wildix.com
Cloud-stored group chats	TCP	outgoing: TCP 5269 incoming: TCP 443 or another custom secure port	chats1.meet.wildix.com chats2.meet.wildix.com
File / image sharing (both PBX and Client)	TCP	443, outbound	auth.wildix.com fs.wildix.com
Geolocation services			Maps in Collaboration are available only via .*wildixin.com domain
WebRTC Kite service	TCP	443, outbound 5061, outbound	kite.wildix.com
	UDP	10000-1500, outbound	kite.wildix.com
	TCP	443 or another custom secure port, inbound	ws2sip.wildix.com
	UDP	10000-1500, inbound	ws2sip.wildix.com

WIService

(Wildix Integration Service, used by CDR-View, Screen Sharing, Headset Integration, Fax printer, Click2call from Windows, Popup App and other Wildix applications):

Make sure that FQDN “wildixintegration.eu” is correctly resolved with the IP: 127.0.0.1 by your DNS (on the user PC or on the router side)

iOS/Android

Service / Purpose	Protocol	Port	Destination / Notes

Service / Purpose	Protocol	Port	Destination / Notes
SIP, XMPP, Configuration	TCP	443
Incoming:	TCP	443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)	Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443 (for iOS works only with public IP)
RTP (VM / HW PBX)	UDP	10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
RTP (Cloud PBX)	UDP	10000-59999
Outgoing:
For push notifications	TCP	443	To notifications.wildix.com; PBX must be connected to the internet and be able to communicate with notifications.wildix.com server
Android: a direct, unproxied connection to the Google Cloud Messaging	TCP	5228 5229 5230 443
iOS: a direct, unproxied connection to the Apple Push Notification servers from smartphone	TCP	5223 2195 2196 443

Important: use a transparent port forwarding scheme between the external port on the firewall and the external custom secure port on the PBX, example: 4443 – 4443

Note: Starting from WMS 6.06.20240425.1, the service used for sending push notifications was changed from push.wildix.com to notifications.wildix.com. Make sure to use notifications.wildix.com for WMS 6.06.20240425.1 and higher.

Remote Wildix IP Phones

Access to external servers:

Service / Purpose	Protocol	Port

Service / Purpose	Protocol	Port