Client Router / Firewall Settings

If the NEWT Business Phone solution is not supported by a NEWT private WAN circuit, then Customer IT resources may be required to adjust Router / Firewall configurations to ensure an optimized voice experience across a third-party Internet connection. 

The following information explains set up or guidelines per scenario of Installation:

On Site NEWT PBX with NEWT Managed Router connected to Client Router / Firewall

• Persistent NAT should be disabled

• NAT translations should have minimum value set above 120 seconds

• Port modifications:

  • Open UDP 1194 (PBX VPN tunnel), UDP 4569 (NEWT Core Voice Aggregators) & UDP 10,000-20,000; UDP 5060/5061 is strictly used by local NEWT PBX appliance

  • Allow DNS UDP port 53 outbound

  • Allow NTP UDP port 123 outbound

• Do not block 208.72.120.0/24 and 208.85.220.0/24

• Allow RTP & SRTP traffic

• Firewall rules may need to be adjusted to allow for voice traffic passthrough

• Recommend QoS packet shaping rules are applied with voice prioritization

• SIP ALG should be disabled

• WAN circuit targets - Packet loss (0%), Jitter (=<30ms) and Latency (=<50ms)

CLOUD PBX

• The following ports should be opened:

  • 30000-40000/udp,5060,5061/tcp,5060,5061/udp,443/tcp-3.96.66.62

  • 30000-40000/udp,5060,5061/tcp,5060,5061/udp,443/tcp-35.183.29.146

  • 30000-40000/udp,5060,5061/tcp,5060,5061/udp,443/tcp-23.251.185.32/27

  • 30000-40000/udp,5060,5061/tcp,5060,5061/udp,443/tcp-208.85.216.228

• Allow RTP & SRTP traffic

• Firewall rules may need to be adjusted to allow for voice traffic passthrough

• Recommend QoS packet shaping rules are applied with voice prioritization

• SIP ALG should be disabled

• WAN circuit targets - Packet loss (0%), Jitter (=<30ms) and Latency (=<50ms)