Important: Should you use this document to configure firewalls and proxies, please subscribe to updates on the helpcenter.
Indeed, as Rainbow is growing, we must add new IPs, URLs and protocols when adding new servers, location, or features. In any case of addition, we will update this document 7 days before activating new servers and services to let you time to configure your edge security equipment.
Note: Edition 32 changes are highlighted in green in the document ans concern the addition of new public IP addresses and servers for DE region.
Rainbow Collaboration
The table below gives minimum requirements for deployment of Rainbow as a collaboration solution, without telephony services.
Protocol | Port | Main use | Source | Destination (a) |
---|---|---|---|---|
TCP | 443 | Signaling, APIs, Messaging, filesharing | All Rainbow clients and applications | *.openrainbow.com openrainbow.com openrainbow.io |
UDP (b) | 3478 | Audio/video/desktop sharing media | All Rainbow clients | *.openrainbow.com |
TCP (c) | 5228-5229-5230 | Android push notification | Pure wifi Android devices | Google FCM servers |
TCP (d) | 443, 5223, 2197 | Apple push notification | Pure wifi iOS devices | Apple APNS servers |
- (a) details on FQDN and IP addresses of Rainbow servers are provided in section 5
- (b) the solution can fall back on TCP/443 if the infrastructure does not allow UDP (UDP remains highly recommended for best quality of service for multi-media flows)
- (c) Google requires that if the network implements Network Address Translation (NAT) or Stateful Packet Inspection (SPI), a 30 minute or larger timeout is maintained for FCM connections over ports 5228-5230 Google Reference: https://firebase.google.com/docs/cloud-messaging/concept-options
- (d) Apple reference: https://support.apple.com/en-ph/102266
Rainbow Hybrid Telephony
The table below gives minimum requirements for deployment of Rainbow on top of an existing customer PBX, providing telephony services and optionally advanced collaboration services.
Protocol | Port | Main use | Source | Destination (a) |
---|---|---|---|---|
TCP | 443 | Signaling, APIs, Messaging, filesharing | All Rainbow clients and applications WebRTC Gateway PBX |
*.openrainbow.com openrainbow.com openrainbow.io |
UDP (b)(c) | 3478 | Softphony with remote users Audio/video/desktop sharing media for collaboration |
All Rainbow clients WebRTC Gateway |
*.openrainbow.com |
TCP (d) | 5228-5229-5230 | Android push notification | Rainbow on pure wifi Android devices | Google FCM servers |
TCP (e) | 443, 5223, 2197 | Apple push notification | Pure wifi iOS devices | Apple APNS servers |
- (a) details on FQDN and IP addresses of Rainbow servers are provided in section 5
- (b) the solution can fall back on TCP/443 if the infrastructure does not allow UDP (UDP remains highly recommended for best quality of service for multi-media flows)
- (c) the NAT gateway implemented between the WebRTC Gateway and Rainbow must avoid too fast reuse of WAN ports. This can be achieved by implementing a 10mn timeout on NAted connection. See note of section 4.6.1 for details.
- (d) Google requires that if the network implements Network Address Translation (NAT) or Stateful Packet Inspection (SPI), a 30 minute or larger timeout is maintained for FCM connections over ports 5228-5230 Google Reference: https://firebase.google.com/docs/cloud-messaging/concept-options
- (e) Apple reference: https://support.apple.com/en-ph/102266
Rainbow Cloud Telephony
The table below gives minimum requirements for deployment of the Rainbow Hub solution. The latter provides cloud telephony services and optionally advanced collaboration services.
Protocol | Destination Port | Main use | Source | Destination (a) |
---|---|---|---|---|
TCP | 443 | Signaling, APIs, Messaging, filesharing | Rainbow applications | *.openrainbow.com openrainbow.com openrainbow.io |
UDP | 3478 | Softphony Audio/video/desktop sharing media |
Rainbow applications | *.openrainbow.com |
TCP (b) | 5228,5229,5230 | Android push notification | Rainbow on pure wifi Android devices | Google FCM servers |
TCP (c) | 443, 5223, 2197 | Apple push notification | Rainbow on pure wifi ios devices | Apple APNS servers |
TCP | 5061 | SIP | SIP devices | *.openrainbow.com |
TCP | 443 | Config and APIs | SIP devices | *.openrainbow.com |
UDP | 30000-44999 | SRTP media | SIP devices Rainbow applications (softphony) |
*.openrainbow.com |
UDP | 53 | DNS | SIP devices | DNS server |
UDP | 123 | NTP | SIP devices | pool.ntp.org |
- (a) details on FQDN and IP addresses of Rainbow servers are provided in section 5
- (b) Google requires that if the network implements Network Address Translation (NAT) or Stateful Packet Inspection (SPI), a 30 minute or larger timeout is maintained for FCM connections over ports 5228-5230 Google Reference: https://firebase.google.com/docs/cloud-messaging/concept-options
- (c) Apple reference: https://support.apple.com/en-ph/102266