Menu Close

Firewall Rules

General

Depending on how your network is set up, firewall settings are necessary. In most cases, the network is protected by a provider’s NAT, a router and perhaps even a firewall.

In principle, we recommend that customers where the data traffic from the internal network is open to the outside (e.g. private households, etc.) do not set up port forwarding. peoplefone sends data packets back to the registered device every 30 seconds (NAT Keep Alive) so that the ports remain open and incoming calls are ensured.

If data traffic is controlled in both directions in your network, we recommend that you set up firewall settings according to our recommendations.

ATTENTION: For security reasons, only allow communication between your firewall and peoplefone!!


IP addresses & Ports

If your VoIP device does not register or you only hear the voice in one direction after configuration, your firewall could be blocking the voice packets. Turn off the firewall temporarily and check the language again. If it then works, you need to open the incoming firewall ports as described below.

«UDP/TCP 5060» «UDP/TCP 6000» «TLS 5061» (Signalling)
«UDP 8000-60000» (Voice)

CHE IPs
«95.128.80.2 – 95.128.80.9»

DEU IP
«185.190.125.1 – 185.190.125.31»

AT IPs
«95.128.80.2 – 95.128.80.9»

FR IPs
«95.128.80.2 – 95.128.80.9»

Disable «SIP ALG»

Session-Timeout
Session Timeout udp-connect 300 Sekunden
Session Timeout udp-deliver 300 Sekunden


SIP ALG / NAT Keep Alive / STUN

If you encounter problems after configuration, such as irregular incoming calls, regular dropouts within a call, etc., please check the parameters of your VoIP device, router or firewall.

In general you must:

  • Firewall and/or router: disable SIP ALG
  • Device: Enable NAT Keep Alive
  • Gigaset IP: Activate STUN server with stun.peoplefone.com

Firewall Configuration Examples


Push Notification

«185.190.125.38» (Push-Server)
«UDP/TCP 4998» (Push)
«sipis01.peoplefone.com»


Auto Configuration / Provisioning

«TCP 80» and «TCP 443»


peoplefone SOFTPHONE

«TCP 80» and «TCP 443»


Print2Fax

«TCP 443»


Server URL

BrandFQDN
firmware.peoplefone.com
Cisco SPAciscospa.peoplefone.com (cert EOL 01-2025)
Gigasetgigaset.peoplefone.com
Mitelmitel.peoplefone.com
Panasonicpanasonic.peoplefone.com
Snomsnom.peoplefone.com
Yealinkyealink.peoplefone.com

Firewall rules for peoplefone MEET

peoplefone MEET 91.132.84.160/28

SRTP TCP/32768-65535 and UDP/32768-65535

TURN/STUN
UDP/80
TCP/80
UDP/443
TCP/443
TCP/3478-3479
UDP/3478-3479


LDAP

Neu: ldaps://ldaps.peoplefone.com:636
Alt: ldap://directory.peoplefone.com:389