Ports used by Wildix services
Make sure that these ports are open on your router / firewall in order to be able to access and use different Wildix services.
It is recommended to open incoming custom secure port or default 443 from outside on PBX.
Updated: September 2023
Permalink: https://wildix.atlassian.net/wiki/x/NhXOAQ
Cloud PBX
Outgoing ports:
- Outgoing traffic towards Cloud PBX to the Internet is not limited: any port from 1-65536 range
Incoming ports:
- TCP 80 HTTP
- TCP 443 HTTPS
- all types ICMP
- TCP 5060-5061 SIP
- UDP: 5060 SIP
- UDP 10000-59999 RTP
- UDP 123 NTP
- TCP 5222-5223, 5269, 5280 ejabberd
- TCP 7008 smsd
- TCP/ UDP 3478 turn
- TCP 4222 gnats
- TCP 10050 zabbix
- TCP/ UDP 514 rsyslog
Virtualization
- Same requirements as for HW PBXs (see further sections for details)
License activation / check
Access to external servers:
- wmp.wildix.com
- pbx-api.wildix.com
Port:
- outgoing TCP 443
Upgrade
Access to external servers:
- wmp.wildix.com + packages.wildix.com - used by WMS-5.04 and WMS-6.xx
- wmp.wildix.com + aptly.wildix.com - used by WMS-5.01-5.03
- wmp.wildix.com + apt.wildix.com - used by WMS-4.xx
Port:
- outgoing TCP 443
Remote support
Access to external servers:
- vpn4.wildix.com - used by WMS-4.xx PBXs
Port:
- outgoing TCP 443
Rsyslog
Access to external servers:
- pbxlogging6-<minor version>.wildix.com (dynamic IP list) - used by WMS 6.xx PBXs
- pbxlogging5-<minor version>.wildix.com (dynamic IP list) - used by WMS 5.02+ PBXs
- pbxlogging4-<minor version>.wildix.com - used by WMS 4.0 PBXs
Port:
- outgoing: UDP 514 - prior to WMS 5.02
- outgoing: TCP 20514 - starting from WMS 5.02
SIP Trunks registration
Outgoing:
- UDP 5060 or another custom port specified in trunk settings
Devices sync with portal
Access to external servers:
- api.wildix.com
Port:
- outgoing: TCP 443
Remote provisioning of devices
Incoming:
- TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
- UDP 5060 – TCP 5061 for SIP registration
- RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999
Check open ports
Access to external servers:
- api.wildix.com
Port:
- outgoing: TCP 443
- incoming: TCP 443 or another custom secure port
Check External IP
Access to external servers:
- checkip.wildix.com
Port:
- outgoing: TCP 443, TCP 80
WMS network
- Enable the port TCP 443 (or another custom secure port) and UDP 1194 on the side of the Server PBX
Access to WMS network nodes between PBXs.
Port:
- incoming: UDP 1194
Starting from WMS v 5.03.20210826.1, the following ports must be opened for the correct work of calls between nodes: 443 (or custom secure port) + RTP ports (on SIP-RTP page).
Access to external servers:
- turn.wildix.com (to find a PBX public IP address for WMS Network correct functioning)
Multicast paging uses
- IP 224.0.0.1 or IP 239.1.1.10 (2N support)
- Ports 9000-9009
SMS sending with remote GSM gateway
- Open the incoming port TCP 7008 on the side of the PBX
WIService
(Wildix Integration Service, used by CDR-View, Screen Sharing, Headset Integration, Fax printer, Click2call from Windows, Popup App and other Wildix applications):
- Make sure that FQDN “wildixintegration.eu” is correctly resolved with the IP: 127.0.0.1 by your DNS (on the user PC or on the router side)
Contact lookup during incoming/outgoing CLASSOUND calls
Access to external servers:
- classound-namelookup.wildix.com - starting from WMS 6.02.20230201.1 and available for the USA and Canada
Port:
- outgoing: TCP 443
Collaboration and Web Phone
- TCP 443 (default) or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs);
- RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999
Access to external servers:
- addons.wildix.com
Cloud analytics in Collaboration
Access to external servers:
- Auth.wildix.com
- 3.65.155.111
- 3.65.155.145
Cloud-stored group chats
Access to external servers:
- chats1.meet.wildix.com
- chats2.meet.wildix.com
Port:
- outgoing: TCP 5269
- incoming: TCP 443 or another custom secure port
Geolocation services
- Maps in Collaboration are available only via .*wildixin.com domain
File / image sharing
Access to external servers(both PBX and Client):
- Auth.wildix.com
- fs.wildix.com
Port:
- outgoing: TCP 443
Screen sharing
Access to external servers (both PBX and Client):
- vnc.wildix.com
- kite.wildix.com
Port:
- outgoing: TCP 443
iOS/Android
- SIP: TCP 443
- XMPP: TCP 443
- Configuration: TCP 443
Incoming:
- TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
- Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443 (for iOS works only with public IP)
- RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999
Outgoing:
- For push notifications: 443 TCP to push.wildix.com; PBX must be connected to the internet and be able to communicate with push.wildix.com server
- Android: a direct, unproxied connection to the Google Cloud Messaging server on these ports: TCP 5228; TCP 5229; TCP 5230 and TCP 443
- iOS: a direct, unproxied connection to the Apple Push Notification servers from smartphone is necessary on ports TCP 5223; TCP 2195; TCP 2196; TCP 443
- Important: use a transparent port forwarding scheme between the external port on the firewall and the external custom secure port on the PBX, example: 4443 – 4443
Vision/ SuperVision
- SIP: TCP 443
- XMPP: TCP 443
- Configuration: TCP 443
Incoming:
- TCP 443 or another external secure port (SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs)
- Add the port manually on the app login page: Account > Domain, example: pbx.wildixin.com:443
- RTP:
- VM/ HW PBX: e.g. UDP 10000 - 15000 (Note: The range depends on the number and type of licenses on the PBX; check SIP-RTP page for details)
- Cloud PBX: UDP 10000-59999
Access to external server for upgrade of firmware/ applications:
- firmwares.wildix.com
WebRTC Kite service
Access to external servers:
- kite.wildix.com
- ws2sip.wildix.com
Port:
- outgoing: TCP 443, TCP 5061, UDP 10000-15000
- incoming: TCP 443 or another custom secure port, UDP 10000-15000
WebRTC Wizyconf videoconference
Access to external servers (both on the PBX's and on the Client's side):
- conference.wildix.com
- videobridge.wildix.com - no longer needed after May 31, 2021
- videobridge-it.wildix.com - no longer needed after May 31, 2021
- videobridge-it2.wildix.com - no longer needed after May 31, 2021
- videobridge-usa.wildix.com - no longer needed after May 31, 2021
- videobridge-usa2.wildix.com - no longer needed after May 31, 2021
- videobridge-de.wildix.com - no longer needed after May 31, 2021
Ports to open (both on the PBX's and on the Client's side):
- outgoing: TCP 443, TCP 4443, UDP 10000 (to any remote address)
Note: TCP 4443 and UDP 10000 need to be open on the Client's side only. - incoming: TCP 443 or another custom secure port (from any remote address)
For support of SIP access from the PBX, enable the rules specified in this section: WebRTC Kite service.
For file/ image sharing, enable the rules specified in this section: File / image sharing.
Text-to-speech
Access to external servers:
- tts.wildix.com
Port:
- outgoing: TCP 443
Zabbix monitoring
- TCP 8099 for IP 63.32.222.64
- TCP 10050 for local Zabbix
SSL certificate renew
Access to external server:
- ssl.wildix.com
Port:
- outgoing: TCP 443
CLASSOUND
Access to external servers:
- operator-01-f.wildix.com
- operator-02-f.wildix.com
Port:
- incoming: TCP 443, TCP 5061 or another custom secure port
- RTP: e.g. UDP 10000-15000 (check SIP-RTP page in WMS Settings -> PBX (VM and HW PBXs RTP page)