Follow

Allow And Optimize The Audio And Video Conferencing Platforms

Versions 3.0 & 5.0 & 6.0

Applies to Platform: UTM 3.0, 4i Edge 3.0, UTM 5.0, 4i Edge 5.0, UTM 6.0, 4i Edge 6.0
Last Update: 23 November 2020

This article presents how to optimize audio and video conferencing using firewall rules on the Endian appliance that allow access to them on different TCP and UDP ports.

Scenario: For security reasons, there are situations when certain seemingly functional connections to known video and audio-conferencing platforms (e.g. Microsoft Teams, Zoom, Google Meet, WhatsApp, etc.) does not work without opening certain ports in the firewall, used by the services. In these cases it is necessary to optimize them by adding firewall rules in the GREEN Outgoing traffic area that allow connections with them on different TCP and UDP ports.

Tutorial structure

I would also add that the two solutions for Microsoft Teams and for WhatsApp, both use the same approach (outgoing firewall rules). Depending on the service you need to optimize, you can read the following:

Microsoft Teams

WhatsApp

Optimize the connection for Microsoft Teams

The following ports must be allowed to connect to Microsoft Teams:

Destination TCP ports: 80 and 443
Destination UDP ports: 3478, 3479, 3480, 3481
Destination networks: 13.107.64.0/18, 52.112.0.0/14 and 52.120.0.0/14

Note

TCP ports 80 and 443 are already open by default for the GREEN zone for Outgoing traffic in the firewall.

  1. To add firewall rules for the ports required for Microsoft Teams access Firewall > Outgoing traffic > Add a new firewall rule

    fw1.png

  2. The configuration mode for the firewall rule must contain the following elements, after which it will be clicked Create rule then Apply:

    Source: GREEN interface
    Destination networks: 13.107.64.0/18, 52.112.0.0/14 and 52.120.0.0/14
    Service/Port: User definied
    Protocol: UDP
    Destination port (one per line): 3478, 3479, 3480, 3481
    Action: ALLOW
    Remark: Microsoft Teams
    Position: First

    fw1.png
  3. The result is:

    fw3.png

Now you can try the connection with the Microsoft Teams video and audio conferencing platform.

Optimize the connection for WhatsApp

The following ports must be allowed to connect to WhatsApp:

Destination TCP ports: 80 and 443
Destination TCP + UDP ports: 4244, 5222, 5223, 5228, 5242, 59234, 50318, 3478, 45395, 34784, 45395, 50318, 59234
Destination network: RED zone

Note

TCP ports 80 and 443 are already open by default for the GREEN zone for Outgoing traffic in the firewall.

  1. To add firewall rules for the ports required for WhatsApp access Firewall > Outgoing traffic > Add a new firewall rule

    fw1.png

  2. The configuration mode for the firewall rule must contain the following elements, after which it will be clicked Create rule then Apply:

    Source: GREEN interface
    Destination networks: RED zone
    Service/Port: User definied
    Protocol: TCP + UDP
    Destination port (one per line): 4244, 5222, 5223, 5228, 5242, 59234, 50318, 3478, 45395, 34784, 45395, 50318, 59234
    Action: ALLOW
    Remark: WhatsApp
    Position: First

    fw2.png

  3. The result is:

    fw5.PNG

Now you can try the connection with the WhatsApp platform.

Have more questions? Submit a request

Comments