IP whitelisting (allowlisting) entails creating a list of trusted IP addresses (dedicated static IP addresses are required), assigning them to a user or group of users as a unique identifier, and allowing the IP address to be used only on the target server.
Typically, IP whitelisting is handled on:
- Edge routers - typically set up to block undesired traffic on router's TCP and UDP port in order to protect internal LAN from the public internet threats
- Firewall - configured to grant access to the network only to specific users/devices/LANs
- Business VPN gateway
- Web server - typically to manage incoming requests and prevent extensive malicious requests (brute force attacks)
- Application layer - incoming queries can be evaluated and blocked/allowed by design in the code of the application
- SaaS application - SaaS apps usually allow setting up IP whitelists to harden security measures.
The firewall should allow outgoing UDP to the public internet from the browsers that use Salesmate Calling, and allow return traffic in response.
Component |
Address |
Server-side port used |
Protocol |
Signaling - GLL (Global Low Latency) |
443 |
TCP |
|
Signaling - Regional |
chunderw-vpc-gll-{region}.twilio.com (Regions: au1, br1, de1, ie1, jp1, sg1, us1) |
443 |
TCP |
RTP |
Static IP range * |
10,000 - 20,000 |
UDP |
Insights |
443 |
TCP |
- For the static IP range for UDP, please open up the traffic to the following CIDRs. You have to open up traffic to all the CIDRs mentioned below. Twilio will dynamically connect to one of these IP ranges depending on the browser location.
Region ID |
Location |
Media Server IP Address Range |
CIDR notation |
au1 |
Australia |
54.252.254.64 - 54.252.254.127 |
|
br1 |
Brazil |
177.71.206.192 - 177.71.206.255 |
|
ie1 |
Ireland |
54.171.127.192 - 54.171.127.255, 52.215.127.0 - 52.215.127.255 |
|
de1 |
Frankfurt |
35.156.191.128 - 35.156.191.255 |
|
jp1 |
Japan |
54.65.63.192 - 54.65.63.255 |
|
sg1 |
Singapore |
54.169.127.128 - 54.169.127.191 |
|
us1 |
US East Coast (Virginia) |
54.172.60.0 - 54.172.61.255 , 34.203.250.0 - 34.203.251.255 |
Region ID |
Location |
Media Server IP Address Range |
CIDR notation |
Port Range |
us1-ix |
US East Coast (Virginia) over Interconnect exchange in Virginia |
208.78.112.64 - 208.78.112.127 |
443 (Signaling), 10,000 - 20,000 (Media) |
|
us2-ix |
US West Coast (Oregon) over Interconnect exchange in San Jose |
67.213.136.64 - 67.213.136.127 |
443 (Signaling), 10,000 - 20,000 (Media) |
|
ie1-ix |
Ireland over Interconnect exchange in London |
185.187.132.64 - 185.187.132.127 |
443 (Signaling), 10,000 - 20,000 (Media) |
Comments
0 comments
Article is closed for comments.