Firewall Configuration for Vidyo Desktop

Configure your firewall

To have the VidyoDesktop client working properly you need to open the following ports:

NOTE: To get the extensive list of hostnames and IP addresses of all the routers that serve the CERN Vidyo service installed at CERN and at the LCG T1 centers, please send a note requesting it to vidyo-support@cern.ch

  • TCP Port 443 (HTTPS): outbound to vidyoportal.cern.ch and routers
  • TCP 17992 (EMCP): outbound to vidyoportal.cern.ch
  • TCP Port 17990 (SCIP) and UDP Ports 50,000 – 65,535 (RTP/sRTP/RTCP) bidirectional to the Vidyo routers
    • Note about UDP timeouts on firewalls:
      • Some Firewalls have a UDP default timeout. On the Cisco PIX Firewall, for example, if the UDP timeout is not changed then the call will drop in exactly two minutes and the Vidyo client(s) would have to reconnect. You may want to contact your network admin to check this setting and increase the timeout. 

For H.323/SIP clients, the standard H.323/SIP ports need to be opened to the cluster of VidyoGateways. Please contact vidyo-support@cern.ch, if more information on this subject is needed.

For detailed information about Firewall and NAT configurations please consult the Vidyo Guide for Administratorssection 24, page 129 

If your firewall cannot be opened (or in the meantime your are waiting for it to be opened)

If the firewall cannot be opened, Vidyo should work if you force the use of the Vidyo proxy. In the VidyoDesktop client (or Mobile client), go to Configuration -> Network and tick "always use vidyo proxy". Please note this option slightly decreases the quality of the connection, and using it by default risks of overloading the available proxy servers. Properly opening the firewall ports should remain the priority option.

Functional Element

Last updated date

23 Jul 2013

You are here