Notes to observe:
- Make sure that SIP-Inspection / SIP-ALG / SIP-Helper is disabled in the local firewall.
- If services aren ́t working as expected, please allow the rules from the inside of the local firewall as well.
- Media/Speech is negotiated dynamically in the SDP for every call. Therefore it is necessary to allow the whole port span.
Dstny base functionality:
| To | Destination port | Protocol | Transport | Rule | Comment |
| Dstny telephony system | |||||
| 185.39.124.96/28 | 443 | HTTP(S) | TCP | Allow |
MyDstny |
| 185.39.125.96/28 | 443 | HTTP(S) | TCP | Allow |
MyDstny |
| 185.39.125.17 | 443 | HTTP(S) | TCP | Allow |
MyDstny |
| 185.39.124.40/29 | 443 | HTTP(S) | TCP | Allow | Stockholm |
| 185.39.125.40/29 | 443 | HTTP(S) | TCP | Allow | Stockholm |
| 185.39.126.64/27 | 443 | HTTP(S) | TCP | Allow | Sköndal |
| 185.39.127.64/27 | 443 | HTTP(S) | TCP | Allow | Sköndal |
| Dstny telephony system | |||||
| 185.39.124.40/29 | 5060/5061 | SIP | TCP / UDP | Allow | Stockholm |
| 185.39.125.40/29 | 5060/5061 | SIP | TCP / UDP | Allow | Stockholm |
| 185.39.126.64/27 | 5060/5061 | SIP | TCP / UDP | Allow | Sköndal |
| 185.39.127.64/27 | 5060/5061 | SIP | TCP / UDP | Allow | Sköndal |
| Dstny telephony system | |||||
| 185.39.124.96/28 | 10000 - 64919 | RTP / SRTP | UDP | Allow | MyDstny |
| 185.39.125.96/28 | 10000 - 64919 | RTP / SRTP | UDP | Allow | MyDstny |
| 185.39.125.17 | 10000 - 64919 | RTP / SRTP | UDP | Allow | MyDstny |
| 185.39.124.32/29 | 49152 - 65534 | RTP / SRTP | UDP | Allow | Stockholm |
| 185.39.125.32/29 | 49152 - 65534 | RTP / SRTP | UDP | Allow | Stockholm |
| 185.39.126.192/26 | 49152- 65534 | RTP / SRTP | UDP | Allow | Sköndal |
| 185.39.127.192/26 | 49152- 65534 | RTP / SRTP | UDP | Allow | Sköndal |
For you with desk phones:
Below displays optional firewall settings if you are using desk phones from Mitel or Snom.
| To | Destination port | Protocol | Transport | Rule | Comment |
| Fixed phones | |||||
| 1.aastra.pool.ntp.org | 123 | NTP | UDP | Allow | Used for date/time in fixed phones |
| 2.aastra.pool.ntp.org | 123 | NTP | UDP | Allow | Used for date/time in fixed phones |
| 3.aastra.pool.ntp.org | 123 | NTP | UDP | Allow | Used for date/time in fixed phones |
| 0.se.pool.ntp.org | 123 | UDP | Allow | Used for date/time in fixed phones | |
| Snom phone provisioning | |||||
| 185.39.124.40/29 | 9443 | HTTPS | TCP | Allow | Used for provisioning of Snom phones |
| 185.39.125.40/29 | 9443 | HTTPS | TCP | Allow | Used for provisioning of Snom phones |
| 185.39.126.64/27 | 9443 | HTTPS | TCP | Allow | Used for provisioning of Snom phones |
| 185.39.127.64/27 | 9443 | HTTPS | TCP | Allow | Used for provisioning of Snom phones |
| Snom SRAPS | |||||
| 52.28.89.237 | 443 | HTTP(S) | TCP | Allow |
Snom phone settings distribution |
| Mitel Phone RCS |
|
||||
| rcs.aastra.com | 80 / 443 | HTTP(S) | TCP | Allow |
Mitel phone settings distribution |