Release ports for estos products – Which network interfaces are used?
October 2020
This article explains which ports must be released for the respective estos product components.
Under "Direction" there is
- "in" for incoming connections on the computer of the program itself
- "out" for the port that is addressed on the computer of the target program
Example: The UCClient connects "out" to the UCServer on 7222. This is the port that must be accessible on the server.
Usually, the port number for "out" is searched for and set by the TCP stack itself and cannot be specified/changed on the computer of the program itself.
ProCall Enterprise
UCServer
Port number | Transport | Direction | Purpose |
|---|---|---|---|
389 | TCP | out | Default to Active Directory |
636 | TLS | out | LDAPs to Active Directory |
712 | TCP | out | Default to MetaDirectory |
714 | TCP | out | Default to MetaDirectory (saved) |
5002 | TCP | out | SMEP (only for SMS connection with WhateverMobile) |
5003 | TCP | out | SMEP SSL (only for SMS connection with WhateverMobile) |
7220 | TCP | in | Remote TSP/MultiLine TSP |
7221 | TCP | in | UCServer Verwaltung |
7222 | TCP | in | UCClient/Update Server |
7224 | TCP | in | UC Web Server |
7225 | TCP | in | UC Web Server (secure) |
7230 | UDP | in | Server search (from e.g. Windows clients) |
| 5269 | TCP | in | Default port for direct XMPP federation |
| 5275 | TCP | out | XMPP-Federation via proxy |
| 5060 | TCP | in/out | Default for SIP over TCP (Federation) |
| 5061 | TCP | in/out | Default for SIP over TLS/MTLS (Federation) |
| 443 | TLS | out | (optional) to *.ucconnect.de (for UCConnect services) |
| 5060 | UDP | out | SIP Registry (signaling the softphone) |
MediaServer
| Port number | Transport | Direction | Purpose |
|---|---|---|---|
8888 | TCP | in | Control MediaServer |
| 8433 | TLS | in | Control MediaServer |
| 3478 | UDP/TCP | out | (optional) to STUN/TURN Server |
| 3478/443 | UDP/TCP | out | (optional) to *.ucconnect.de (for UCConnect services: STUN/TURN) |
1024-65535  | UDP | in/out | SIP Media |
1024-65535  | UDP | in/out | WebRTC Media from and to clients (host candidates) |
Since ProCall 7 Enterprise the port number range can be restricted individually (properties of the SIP management group in the "Media" tab).
If the Clients or the MediaServer cannot establish a connection via the set port number range, a connection via STUN or TURN will be tried simultaneously by using ICE.
ProCall Client for Windows
Port number | Transport | Direction | Purpose |
|---|---|---|---|
389 | TCP | out | Default to Active Directory |
712 | TCP | out | Default to MetaDirectory |
714 | TCP | out | Default to MetaDirectory (secure) |
7222 | TCP | out | UCServer connection |
7231 | UDP | in | for searching for a UCServer as a response channel |
| 3478 | UDP/TCP | out | (optional) to the STUN/TURN server |
| 3478/443 | UDP/TCP | out | (optional) to *.ucconnect.de (for UCConnect services: STUN/TURN) |
| 1024-65535 | UDP | in/out | WebRTC Media (host candidates) from and to clients/media server (audio/video, softphone, screen sharing) |
Since ProCall 7 Enterprise the port number range can be restricted individually (properties of the SIP management group in the "Media" tab).
If the Clients or the MediaServer cannot establish a connection via the set port number range, a connection via STUN or TURN will be tried simultaneously by using ICE.
Update Service Client
Port number | Transport | Direction | Purpose |
|---|---|---|---|
7222 | TCP | out | Server connection (only opened when needed) |
7232 | UDP | in | Incoming UDP packets from the update server on UCServer |
Mobile Apps (iOS/Android)
Port number | Transport | Direction | Purpose |
|---|---|---|---|
| 7224 | TCP | out | Connection to Webservice |
| 7225 | TLS | out | Connection to Webservice (secured) |
| 3478 | UDP/TCP | out | Connection to STUN/TURN |
| 3478/443 | UDP/TCP | out | (optional) to *.ucconnect.de (for UCConnect services: STUN/TURN) |
| 443 | TLS | out | (optional) to *.ucconnect.de (for UCConnect services) |
| 443 | TLS | out | to ucpush.ucconnect.de for push services |
| 1024-65535 | UDP | in/out | WebRTC Media from and to Clients/Media Server (Audio/Video, Softphone) |
If the Clients or the MediaServer cannot establish a connection via the set port number range, a connection via STUN or TURN will be tried simultaneously by using ICE.
SIP Proxy (Federation)
Port number | Transport | Direction | Purpose |
|---|---|---|---|
| 5060 | TCP | in/out | Default Port oür SIP via TCP |
| 5061 | TCP | in/out | Default Port for SIP via TLS/MTLS |
XMPP Proxy (Federation)
Port number | Transport | Direction | Purpose |
|---|---|---|---|
| 5269 | TCP | in | Default Port for XMPP-Federation |
| 5275 | TCP | in | Default Port for UCServer Login |
ProCall Meetings
ECSTA
ECSTA/uaCSTA
Port number | Transport | Direction | Purpose |
|---|---|---|---|
5080 | TCP or UDP | out | Connection to the uaCSTA server |
5081 | TLS | out | Connection to the uaCSTA server |
uaCSTA Server Admin
Port number | Transport | Direction | Purpose |
|---|---|---|---|
5090 | TCP | out | Connection to the uaCSTA server |
uaCSTA Server
Port number | Transport | Direction | Purpose |
|---|---|---|---|
5080 | TCP or UDP | in | Connection from ECSTA uaCSTA |
5081 | TLS | in | Connection from ECSTA uaCSTA |
5090 | TCP | in | Connection from uaCSTA Server Admin (localhost only) |
5060 | TCP or UDP | in | Connection of telephones |
5061 | TLS | in | Connection of telephones |
MetaDirectory
Port number | Transport | Direction | Purpose |
|---|---|---|---|
7302 | TCP | in | Administrator |
712 | TCP | in | LDAP |
714 | TCP | in | LDAPS |
80 (8080/7303) | TCP | in | HTTP |
443 (8081/7304) | TCP | in | HTTPS (TLS) |
7300 | UDP | in | Server search (Broadcast Receiver) |
CallControlGateway
(no longer available)
Port number | Transport | Direction | Purpose |
|---|---|---|---|
389 | TCP | out | Default to ActiveDirectory |
712 | TCP | out | Default to MetaDirectory |
7206 | TCP | in | Administrator |
5070 | TCP | in | SIP over TCP |
5071 | TCP | in | SIP over TLS |
7233 | UDP | in | Server search |