Port forwarding allows unsolicited connections to be made from the internet to a device on the internal network. This is useful for something like a webserver, where an outside user wants to view the website; an on-site PBX; or an outside SIP Trunk making a connection to the server. Our system does not use port forwarding and you should never make a port forwarding rule. Our system uses a method called Port Triggering, which is the reverse of Port Forwarding. The phone sends an outbound connection to our server and all connections from our server are made across the established outbound connection.
On some enterprise-level equipment, IT may be blocking connections over the ports used by the phones, preventing the outbound connection from being made. Since phones need to make connections, we typically recommend they create exception rules that allow the phones access to all ports.
Attempting to allow traffic by port number is the least desirable method of dealing with VoIP issues through firewalls. The signaling (SIP) port may be anything from 1025 to 65535 as assigned by your local router and there is no way to predict this. The actual voice component (RTP) is randomly negotiated with every call, and there is no way to predict this either. Additionally, RTP is not standardized and, though it will usually fall between 16384 and 32767, there is nothing that guarantees this.
The following ports are suggested for OUTGOING internet communications from the SIP device to our servers:
DNS | Port 53 |
UDP HTTP | Port 80 |
TCP HTTPS | Port 443 |
UDP NTP | Port 123 |
UDP SIP | Port 5060 UDP |
UDP SIP | Port 10001 UDP |
TCP SIP | Port 10002 TLS |
RTP | Port 10000-30000 UDP |
The following ports are needed for INCOMING and OUTGOING Internet communications from and to Vonage devices and servers.
RTP (Voice) Traffic: Ports 10000-30000 UDP.
When a call is made, a random port between 10000 and 30000 is used for RTP (Voice) traffic. If any of these ports are blocked, you may experience one way or no audio.
If you would like to read more about port forwarding, please visit www.portforward.com.
When Port Forwarding is not a viable solution. The solution is to have a properly designed and implemented network for your data voice solution.