STARFACE WIKI (English)

Seitenhierarchie

Suche

The network in which the STARFACE is located or its security settings must take into account the following port use of the STARFACE if the underlying functions are to be used. This is especially important when port forwardings or NAT is used.

Further down in the documentation are some example scenarios.

Port

Protocol

Description

80

TCP

Access to the STARFACE web interface via http

80

TCP

Access to the STARFACE address book in the UCC client (Mac and Windows)

123

UDP

Set/adjust system time via an external NTP server

443

TCP

Access to the STARFACE web interface via https

443

TCP

Access to the STARFACE address book and the function key configurationin the UCC client (Mac and Windows)

1902

UDP

User authentication via Active Directory

3090

TCP and UDP

Set-up and use of the system network

5060

UDP

Use of SIP (e.g. setting up calls)

5060TCP

Use of SIP (e.g. setting up calls)

5061

TCP

TLS encryption in the STARFACE UCC client and for encrypted connections belonging to some SIP providers

5222

TCP

UCC and mobile client login onto the XMPP server

10.000 to 20.000

UDP

Incoming RTP audio data

1.025 to 65.535

UDP

Outgoing RTP audio data

50080

TCP

Autoprovisioning (all 3 types) and telephone menus (unencrypted)

50081

TCP

Autoprovisioning (all 3 types) for Openstage and Snom (with TLS)

The use of TLS 1.0 is not possible for the following ports, all higher versions of TLS are supported:

  • 443

  • 5061

  • 5223

Access for STARFACE Mobile Clients

The following DNS entry must be accessible via port 443 for the STARFACE and the mobile clients to ensure the functionality of the STARFACE mobile clients:

  • push.starface.de

Access to Server Addresses

The following server addresses must be accessible from STARFACE:

Adress

Port

Protocol

Description

license.starface.de

80

HTTP

Access to the STARFACE license server concerning the cross-checking of licences

license.starface.de

443

HTTPS

Access to the STARFACE license server concerning the cross-checking of licences

license.starface.de8383HTTPS

Access to the STARFACE license server concerning the cross-checking of licences

update.starface.de

80

HTTP

Access to STARFACE updates

update.starface.de

443

HTTPS

Access to STARFACE updates

starface-cdn.de

80

HTTP

Access to STARFACE updates

starface-cdn.de

443

HTTPS

Access to STARFACE updates

www.starface-cdn.de

80

HTTP

Access to STARFACE updates

www.starface-cdn.de

443

HTTPS

Access to STARFACE updates

siptrunk.de

443

HTTPS

Access to the provider portal

STARFACE Connect

The following IP addresses must be accessible from the STARFACE if a STARFACE Connect line is to be used:

  • 37.120.180.58
  • 37.120.180.6

  • 37.120.181.198

  • 37.120.181.229
  • 85.184.250.15

Example scenarios

Here you find some example scenarios and the necessary settings:

Incoming ports:

Port

Protocol

Description

Setting

5060

UDP

unencrypted VoIP signaling over SIP

Port Forwarding

5061¹

TCP

encrypted VoIP signaling over SIP

Port Forwarding

10.000 to 20.000

UDP

incoming audio RTP data

Port Forwarding

Outgoing ports:

Port

Protocol

Description

Setting

5060

UDP

unencrypted VoIP signaling over SIP

Allow direction to WAN

5061¹

TCP

encrypted VoIP signaling over SIP

Allow direction to WAN

1025 to 65.535

UDP

outgoing audio RTP data

Allow direction to WAN

¹ if supported by the SIP provider

Incoming ports:

Port

Protocol

Description

Setting

443TCPHTTPS web interface / REST-APIPort Forwarding

5060

UDP

unencrypted VoIP signaling over SIP

Port Forwarding

5061¹

TCP

encrypted VoIP signaling over SIP

Port Forwarding

5222

TCP

XMPP server of STARFACE (Chat and UCI)

Port Forwarding

50080

TCP

unencrypted autoprovisioning of telephones

Port Forwarding

50081

TCP

encrypted autoprovisioning of telephones

Port Forwarding

10.000 to 20.000

UDP

incoming audio RTP data

Port Forwarding

Outgoing ports:

Port

Protocol

Description

Setting

5060

UDP

unencrypted VoIP signaling over SIP

Allow direction to WAN

5061¹

TCP

encrypted VoIP signaling over SIP

Allow direction to WAN

5222

TCP

XMPP server of STARFACE (Chat and UCI)

Allow direction to WAN

50080

TCP

unencrypted autoprovisioning of telephones

Allow direction to WAN

50081

TCP

encrypted autoprovisioning of telephones

Allow direction to WAN

1.025 to 65.535

UDP

outgoing audio RTP data

Allow direction to WAN

¹ if supported by the SIP provider

Incoming ports:

PortProtocolDescriptionSetting
443TCPHTTPS web interface / REST-APIPort Forwarding
5060UDPunencrypted VoIP signaling over SIPPort Forwarding
5061¹TCPencrypted VoIP signaling over SIPPort Forwarding
5222TCPXMPP server of STARFACE (Chat and UCI)Port Forwarding
50080TCPunencrypted autoprovisioning of telephonesPort Forwarding
50081TCPencrypted autoprovisioning of telephonesPort Forwarding
10.000 to 20.000UDPincoming audio RTP dataPort Forwarding

Outgoing ports:

PortProtocolDescriptionSetting
443TCPHTTPS web interface / REST-APIAllow direction to WAN
5060UDPunencrypted VoIP signaling over SIPAllow direction to WAN
5061¹TCPencrypted VoIP signaling over SIPAllow direction to WAN
5222TCPXMPP server of STARFACE (Chat and UCI)Allow direction to WAN
50080TCPunencrypted autoprovisioning of telephonesAllow direction to WAN
50081TCPencrypted autoprovisioning of telephonesAllow direction to WAN
1025 to 65.535UDPoutgoing audio RTP dataAllow direction to WAN

¹ if supported by the SIP provider

  • Keine Stichwörter