Firewall
- Clients (Browser and App) should allow outgoing UDP connections to the public internet and allow return traffic in response. Since our service provider uses dynamic IP addresses, it is not possible to specify a range of IP addresses requests go to.
- Clients (Browser and App) must also allow incoming connections from chunderm.gll.twilio.com and matrix.twilio.com. Also, they must be allowed to make outgoing connections from any port in the ephemeral range (1024-65535).
The following ports / port ranges must be opened in order to ensure the continued usage of voice services:
Phone on the browser
| Component | Address | Client-side port used | Server-side port used | Protocol |
| Signaling | chunderw-gll.twilio.com chunderw-vpc-gll.twilio.com au1: chunderw-vpc-gll-au1.twilio.combr1: chunderw-vpc-gll-br1.twilio.com ie1: chunderw-vpc-gll-ie1.twilio.com jp1: chunderw-vpc-gll-jp1.twilio.com sg1: chunderw-vpc-gll-sg1.twilio.com us1: chunderw-vpc-gll-us1.twilio.com | Any | 443 | TCP |
| Presence | matrix.twilio.com | Any | 443 | TCP |
| RTP | Any static IP pulled from the ranges mentioned | Any | 10,000-20,000 | UDP |
| Insights | eventgw.twilio.com | Any | 443 | TCP |
Phone on the mobile app
| Component | Address | Client-side port used | Server-side port used | Protocol |
| Signaling | chunderm.gll.twilio.com | Any | 10194 | TCP |
| Presence | matrix.twilio.com | Any | 443 | TCP |
| RTP | Any static IP pulled from the ranges mentioned | Any | 10,000-20,000 | UDP |
Testing firewall and port configuration
- http://www.netscan.co/ for a general scan
- https://pentest-tools.com/discovery-probing/udp-port-scanner-online-nmap for a UDP port scan.
- http://netalyzr.icsi.berkeley.edu/ for a much more detailed network scan
For more details, refer to our service provider’s list of network connectivity requirements.
Read more: Browser requirements | Network requirements