Ports and Security |
| To operate our client software (“client”) it requires both TCP and UDP connections. These or similar connections are required by any application providing VOIP (Voice over Internet protocol) voice calls. |
- TCP - Port 80 and 443 - These are the standard web ports used for browsing.
- UDP - allow any outgoing UDP request and appropriate replies.
|
The UDP ports are only open to allow requests from users within your network and people outside your network who try to gain access to those ports will see them as closed.
We use UDP ports to carry SIP/RTC which is required for the majority of VOIP applications. To protect your network requests that are generated by our software are validated by our servers and the responses back are authenticated. Some packets are also encrypted for additional security. Any packets which fail validation or authentication are simply discarded. In this way we ensure that only validated and authenticated packets are accepted by our software. |
There are two reasons why we require UDP ports to operate like this. |
1. NAT hardware |
|
With a NAT network (Network Address Translators), the gateway (which hosts the network's publicly routable IP addresses) divides the world into "public" and "private" address spaces. When a computer on the private network tries to connect to the outside world, the NAT gateway silently rewrites the packet so that it appears to come from some port on the gateway, hiding the internal address. When a reply comes back from the public Internet, the gateway reverses its mapping, sending the packet to its true, hidden destination. Connectionless protocols such as UDP are rewritten on a "best guess" basis and as such specific Firewall port allocations cannot be anticipated.
|
| |
2. Network Call completion |
| Due to the variable port allocation by our PSTN providers we cannot anticipate the port allocation on a call by call basis. As such specific Firewall port allocations cannot be anticipated.
In both of these instances your firewall will only respond to requests that have been generated by users within your own internal network.
As the UDP ports are only open to requests from within your network other people outside your network who try to gain access to those ports will see them as closed. Your firewall will only allow responses back to requests that have been sent to it from computers connected to your internal network.
Our software will only generate requests for responses for legitimate purposes and will discard any non valid or non-authenticated responses. Our software cannot be tricked into sending data to a third party through faked IP address and fake responses cannot be generated to gain access to your network using our software. Please note that if you do not enable the UDP ports to operate as detailed in this document our software will not function. |
|
| |
Firewalls |
| During installation of the client you may be asked for permission to allow connections between our client software and the Internet by your personal firewall or anti - virus software. If you do not allow these connections then our client software will not operate and you may require changing your rules settings at a later date to allow our client software to operate. |
| |
HTTP 1.1 |
The client requires HTTP 1.1 the settings of which are found within Microsoft Internet Explorer.
To check your Internet Explorer Settings just use the following steps on your PC or Laptop:
Load Internet Explorer and select Tools, then select Internet Options, then select the Advanced tab. Scroll down the list until you come to HTTP1.1 Settings and tick the box next to “Use HTTP 1.1”. If the box is already ticked leave it as it is. |
| |
Checking Windows Personal Firewalls |
| If you need to check your personal firewall on your PC or Laptop you should follow these steps:
Go to Start, select Settings then select Control Panel and then select Windows Firewall. You then need to select the Exceptions tab and then check that our software is on your list of allowed programs and there is a tick in the box. If it is not ticked you must tick the box and if it is not listed you must add it to the list using the add program button and remember to tick the box next to the application.
You can also add the UDP and TCP ports using the "Add ports" option which is also in the exceptions tab of your Windows firewall. The posts are detailed above under Network Connections. |
| |
Routers Upgrade |
BT Voyager Router Upgrade |
| If you are in the United Kingdom and using a BT Voyager Router a firmware upgrade may be required to resolve an earlier firmware release issue on that router. Full details with step by step instructions to upgrade the firmware can be found at the URL listed shortly. We strongly recommend that you print the instruction out before starting the firmware upgrade. The BT Voyager router firmware upgrade site can be found at www.voyager.bt.com/205/btbroadband/firmware_update.htm . If you have any other type of BT voyager router details can be found here www.voyager.bt.com/
1. Make sure that you have the user name and password for your router, and if not, contact either your service provider or installation engineer for details of the password.
2. If the router also operates or provides WiFi (Wireless LAN) please ensure that you have a copy of your WEP (Wireless encryption protocol) key before you start the firmware upgrade. |
