Customers IT support team need to allow access to firewall ports to allow the endpoints to communicate to the Reach Edge addresses. This should be done before any demonstrations at customer sites or deployments.

For Reach Edge Cluster

The following addresses are required to be allowed through your network firewall:

Destination 202.56.34.145/28

• TCP 80

• TCP 443

• TCP/UDP 5060

• TCP 5061

• UDP 49152 – 65535

• UDP 123

Destination 216.191.234.139

• TCP 443

Destination 52.71.103.102; 47.89.187.0; 52.29.124.181; 3.124.165.251 (Yealink Phone Specific)

• TCP 443

Destination 1.aastra.pool.ntp.org; 2.aastra.pool.ntp.org; 3.aastra.pool.ntp.org

• UDP 123

 Note: the Now Reach desktop application needs to be able to connect to the localhost on the computers proxy settings.

The desk phones do not operate well with “proxy authentication enforcement” so please ensure they are excluded from any of these rules.

For specific Reach services / feature support

• TCP / 443 (HTTP/Web Services)

• TCP / 5061 (SIP TLS)

• UDP 123 (NTP)

• UDP / UDP 49152 – 65535 (Voice Media)