Firewall Exceptions for US AWS Commercial 1 (5.x) Cloud
This document is specific to the US AWS Commercial 5.x cloud deployment.
AWS Portal: https://us-portal.sla-ptt.com/portal/
AWSNEW: https://portal.eschat.com/portal/
We require a 12 min TCP port registration timer and a 1 min UDP port registration timer.
The ESChat client requires specific network routes to communicate between the host device (such as a smartphone or computer running the client) and the remote servers.
We continue to push our architecture and deployment model forward to improve security and redundancy for our customers. If you have firewall rules in place, the following tables outline the rules required to support our newest servers and our disaster recovery instances. All ports are outbound only. Please enter all information as listed in the tables. We do not control the IP ranges required by third-party providers. While most third-party vendors will accept IP addresses, Google Maps requires the DNS (Domain Name System) name: https://maps.googleapis.com/
If your device has a firewall enabled, or is on a network that operates behind a firewall (as corporate wired and Wi-Fi networks do), the firewall may be blocking connectivity to our server and/or preventing audio from passing through. If you experience problems or need assistance changing the settings of your firewall, please contact your IT staff.
ESChat requires various ports to be opened for both outbound traffic and inbound response (as requested from the client) to the IP addresses listed below (8 including the Disaster Recovery addresses). The signaling port and data port range are specific to each customer's build.
These rules cover both AWSUS and AWSNEW portals.
For AWSUS:
This applies to new customers to AWSUS or for customers AFTER they've been transitioned to AWSUS from AWSNEW.
| Description | IP Addresses | Port(s) | Type |
| ESChat Provisioning Server | Primary: 54.215.171.160 54.219.138.108 52.61.94.106 3.31.151.6 3.31.160.231 18.252.168.182 18.253.93.42 18.254.200.140 Disaster Recovery: 35.153.48.78 | 80 & 443 | TCP |
| ESChat Signaling Port | Primary: 3.140.60.106 3.23.41.163 18.221.84.42 Disaster Recovery: 34.198.152.141 34.199.159.184 34.195.225.226 35.174.119.55 | To determine your signaling port, go to the Administrative Portal and view your customer profile. You'll see your TCP Signaling Port. (Example: 7400 TCP) | TCP |
| ESChat Data Ports | Primary: 3.140.60.106 3.23.41.163 18.221.84.42 Disaster Recovery: 34.198.152.141 34.199.159.184 34.195.225.226 35.174.119.55 | Port Range: 4201-4264 | UDP |
| Description | IP Addresses | Port(s) | Type |
| AWS NLB for ESChat | 3.16.122.225 3.20.1.13 3.129.232.109 | 80 & 443 | TCP |
For AWSNEW:
| Description | IP Addresses | Port(s) | Type |
| ESChat Provisioning Server | Primary: 54.215.171.160 54.219.138.108 52.61.94.106 3.31.151.6 3.31.160.231 18.252.168.182 18.253.93.42 18.254.200.140 Disaster Recovery: 35.153.48.78 | 80 & 443 | TCP |
| ESChat Signaling Port | Primary: 13.56.203.56 54.193.233.42 3.140.60.106 3.23.41.163 18.221.84.42 Disaster Recovery: 34.198.152.141 34.199.159.184 34.195.225.226 35.174.119.55 | To determine your signaling port, go to the Administrative Portal and view your customer profile. You'll see your TCP Signaling Port. (Example: 7400 TCP) | TCP |
| ESChat Data Ports | Primary: 13.56.203.56 54.193.233.42 3.140.60.106 3.23.41.163 18.221.84.42 Disaster Recovery: 34.198.152.141 34.199.159.184 34.195.225.226 35.174.119.55 | Port Range: 4201-4264 AND Supplied ESChat Port thru Port + 8 (Example: 7400-7408 UDP) | UDP |
| Description | IP Ranges | Port(s) | Type |
| AWS NLB for ESChat | 54.176.245.111 54.219.53.123 3.16.122.225 3.20.1.13 3.129.232.109 | 80 & 443 | TCP |
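The AWSNEW signaling and data rows depend on each customer's signaling port, so the following added example (not ESChat tooling) expands them for one port and flags firewall deny records that hit a required flow. The `DENY <proto> <dst_ip> <dst_port>` log format, the function names and the sample records are assumptions made for illustration; the addresses, the 4201-4264 range and the example port 7400 come from the tables above.

```python
import ipaddress

# AWSNEW signaling/data addresses copied from the tables above.
AWSNEW_MEDIA = [
    "13.56.203.56", "54.193.233.42", "3.140.60.106", "3.23.41.163",
    "18.221.84.42",                                       # primary
    "34.198.152.141", "34.199.159.184", "34.195.225.226",
    "35.174.119.55",                                      # disaster recovery
]

def awsnew_rules(signaling_port):
    """Required egress rules as (address, proto, first_port, last_port)."""
    rules = []
    for addr in map(ipaddress.ip_address, AWSNEW_MEDIA):
        rules.append((addr, "tcp", signaling_port, signaling_port))
        rules.append((addr, "udp", 4201, 4264))
        rules.append((addr, "udp", signaling_port, signaling_port + 8))
    return rules

def blocked_required_flows(rules, deny_lines):
    """Return deny-log lines for flows the tables say must be allowed.

    Assumed (hypothetical) log format: 'DENY <proto> <dst_ip> <dst_port>'.
    """
    hits = []
    for line in deny_lines:
        fields = line.split()
        if len(fields) != 4 or fields[0] != "DENY":
            continue  # not a deny record in the assumed format
        proto = fields[1].lower()
        try:
            dst, port = ipaddress.ip_address(fields[2]), int(fields[3])
        except ValueError:
            continue  # malformed address or port
        if any(dst == a and proto == p and lo <= port <= hi
               for a, p, lo, hi in rules):
            hits.append(line)
    return hits

# Constructed sample log; 7400 is the example signaling port from the table.
SAMPLE_DENIES = [
    "DENY udp 13.56.203.56 7408",     # last port of 7400-7408: required
    "DENY udp 13.56.203.56 7409",     # one past the range: not required
    "DENY tcp 34.198.152.141 7400",   # DR signaling: required
    "DENY udp 3.23.41.163 4264",      # top of fixed data range: required
    "DENY tcp 3.23.41.163 4201",      # data range is UDP only
    "DENY udp 198.51.100.7 4201",     # not an ESChat address
    "corrupt record",
]
```

Calling `blocked_required_flows(awsnew_rules(7400), SAMPLE_DENIES)` returns the three records the firewall should not be dropping; replace 7400 with the TCP Signaling Port shown in your customer profile.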
Apple requires two ports be opened for outbound traffic to the IP range below for the APNS Push Notifications.
| Description | IP Range | Port(s) | Type |
| Apple APNS (iOS Only) | 17.0.0.0/8 | 80 & 5223 | TCP |
Google requires a port be opened for outbound traffic to the DNS names below.
| Description | DNS Name | Port | Type |
| Client Mapping Tiles | maps.googleapis.com khmdb0.googleapis.com | 80 & 443 | TCP |