Attention: The security certificate on some deskphones expired on August 16, 2024. RingCentral updated them, but if your phone isn’t working, it may be because the update failed. To get your phone working again, you’ll need to factory reset it and set it up again.

Home > Network and system requirements > Network requirements > Network requirements | RingCentral MVP

Network requirements | RingCentral MVP

1. Introduction

2. IP supernets

3. Whitelisting of domains, IP addresses, and ports

3.1 Common cloud services

3.2 Endpoints

3.2.1 RingCentral MVP mobile, desktop, and web

3.2.2 RingCentral Video mobile, desktop, and web

3.2.3 RingCentral Video Rooms

3.2.4 RingCentral Video with Room Connector

3.2.5 Desk, Conference, and Cordless Phone

3.2.6 Desktop softphone

3.2.7 Mobile softphone

3.2.8 RingCentral Meetings desktop

3.2.9 RingCentral Meetings desktop

3.3 RingCentral archiver

3.4 SIP trunks

3.5 Communication integration services

4. DNS

5. NAT

6. Security software

7. Prioritization of a network connection on MS Windows

8. Quality of service guidelines

9. Unsupported devices and configurations

1. Introduction

The purpose of this document is to provide enterprises with network requirements for firewall and web proxy configuration to ensure that cloud-based Message Video Phone (MVP) unified communication services operate correctly.

2. IP supernets

The supernets (concatenated subnets) in Table 2.1 are advertised by the RingCentral cloud using the BGP routing protocol to support unified communication services over the Internet. These networks can be used to connect to the RingCentral cloud over the Internet.

Table 2.1 - Advertised IP Supernets

66.81.240.0/20

80.81.128.0/20

103.44.68.0/22

104.245.56.0/21

185.23.248.0/22

192.209.24.0/21

199.68.212.0/22

199.255.120.0/22

208.87.40.0/22

For enterprises with direct connections to RingCentral’s network (CloudConnect), additional requirements apply and RingCentral must be consulted for proper network configuration.

To ensure the proper operation of MVP services, the supernets must be accepted by the enterprise network at all locations where unified communication services are used.

These supernets must be used in the enterprise network to:

Configure firewall rules for signaling and media ports.
Configure DSCP markings in IP packet headers according to the Quality of service guidelines.
Selectively disable Layer 7 device functions such as Deep Packet Inspection for UDP traffic to/from unified communication cloud.

3. Whitelisting of domains, IP addresses, and ports

To allow the devices and applications to access supporting cloud services, domain names, IP addresses, and associated destination ports that are indicated in the following tables may need to be whitelisted in enterprise firewalls or web proxies. The destination port column indicates the port(s) on the RingCentral cloud unified communication system.

If you are having issues receiving emails and notifications, check that these email addresses have been whitelisted.

3.1 Common cloud services

Table 3.1 summarizes the domains and ports used for Common Cloud Services, which may need to be whitelisted:

Only the actual set of services that are used must be whitelisted. For example, if the Live Reports Portal is not used, the live.ringcentral.com domain does not need to be whitelisted.
The RingCentral Website, Administrator/User Account Portal, API Discovery Service, and Service Portal Domain must always be whitelisted to allow administrators and users to access general information and RingCentral services.
The RingCentral Company Website provides general information about RingCentral and products and does not require login.
The Administrator/User Account Portal is used to authenticate administrators and users to access any of the underlying communication and administration services, including MVP and Ringcentral Video (RCV).
The API Discovery Service is used for client applications to dynamically discover their correct .com and .biz API domains before the user logs in. The Discovery Service points to the Login Process service. After the Administrator/User is authenticated by the Login Service, the Discovery Service is used again to determine the appropriate API domain based on the configured account data.
Service Web Portal provides access to administration and unified communication services after authentication has been completed via the Administrator/User Account Portal.
The Analytics Login Portal provides Account Administrators insights into the RingCentral MVP system with actionable data. The corresponding domains only need to be whitelisted if this functionality is used.
The Live Report Portal gives access to an add-on service and can be used with RingCentral call queues to create a basic call center based on the MVP system.
Analytics and Live Reports Portals may be country-specific to comply with data-locality requirements.

Table 3.1 - Common Cloud Services
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Company Website	HTTPS	www.ringcentral.com	TCP\443
Service Status Portal	HTTPS	status.ringcentral.com	TCP\443
Accounts Management Portal	HTTPS	accounts.ringcentral.com	TCP\443
Administrator/User Account Portal	HTTPS	login.ringcentral.com	TCP\443
API Discovery Service	HTTPS	discovery.ringcentral.biz	TCP\443
Service Web Portal	HTTPS	service.ringcentral.com	TCP\443
Analytics Portal	HTTPS	analytics.ringcentral.com 35.190.70.192	TCP\443
Analytics Portal - Canada	HTTPS	analytics.ringcentral.ca 34.102.174.25	TCP\443
Live Reports Portal	HTTPS	live.ringcentral.com 35.190.70.192	TCP\443
Live Reports Portal - Canada	HTTPS	live.ringcentral.ca 35.201.103.66	TCP\443

3.2 Endpoints

This section provides the endpoint-specific tables for the domain names, supernets, and a range of cloud destination ports for various types of communication services traffic, including media, signaling, and registration traffic.

All sessions are initiated from an endpoint to the RingCentral cloud-based communication services. The RingCentral cloud does not initiate any session toward the customer endpoints.

The endpoint tables must be used as follows for firewall and web proxy configuration:

The endpoint tables specify the use of domain names, supernets, and a range of cloud destination ports for various purposes, including media, signaling, and registration traffic. Source ports are not specified since the port range is operating system dependent, and ports are dynamically selected.
The tables provide modular sets of requirements for firewall control to support different mixes of RingCentral endpoint deployments. The tables do not necessarily match 1-1 with RingCentral product definition since, e.g., RingCentral Video can be used as a stand-alone product and with RingCentral MVP. Therefore, a separate table is specified for RingCentral Video Mobile, desktop, and Web, which factors out the specific firewall requirements for video service.
The tables for a) RingCentral Video Mobile, Desktop, and Web, b) RingCentral Video Rooms, and RingCentral Video with Rooms Connector are specified in separate tables because a) may be deployed independently of b) and c).
For firewall configuration, only the tables for the set of endpoint types that are deployed need to be considered.
Table rows indicating Signaling/Media (without the Secured modifier) can be ignored when RingCentral has administratively configured the customer account for ‘secured signaling and media.
According to QoS traffic prioritization, the port table rows are generally organized from top to bottom, with media requiring the highest priority and supporting data service traffic at the lowest priority.
Different endpoint tables may contain the same domain names or port ranges. This is necessary because some port ranges may be shared among hard or soft endpoints. In addition such multiplicities are needed to ensure that each endpoint can be deployed independent of other endpoints types. If multiple endpoints are deployed which require the same domain to be whitelisted or a set of ports to be opened, then only one whitelisting or access rule instance needs to be configured in the firewall.
For a given voice or video call, a stateful firewall will open only a small subset of the IP addresses and ports. Other IP addresses and ports may not be opened on the firewall unless involved in other calls from the same site or for business applications.
The RingCentral MVP Mobile App may be used on a mobile operator network or a WiFi network. On a mobile operator network, firewall configuration is irrelevant when traffic only traverses the Internet to RingCentral communication services. Table 3.2.1 must be taken into account for firewall configuration when MVP Mobile Application is used on an enterprise WiFi network.
In networks where a firewall and Web proxy server are deployed, the table rows indicating “IP Supernets” must be used to configure the firewall. The remaining table rows pertain to web traffic and must be configured in the Web Proxy server.

3.2.1 RingCentral MVP mobile, desktop, and web

Table 3.2.1 - RingCentral MVP Mobile, Desktop, and Web Application
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media and Media Secured	RTP/SRTP	IP Supernets	UDP\20000-64999
Signaling and Signaling Secured	SIP and SIP/WSS/TLS	IP Supernets	Desktop: TCP\8083 (secured) Web: TCP\443 (secured) Mobile (IPv4): TCP\5091 (clear text). TCP\5097 (secure) TCP\8085 (WSS) Mobile (IPv6): TCP\5093 (clear text). TCP\5094 (secure) TCP\8085 (WSS)
IOVATION SDK for 2-Factor Login	HTTPS	mpsnare.iesnare.com	TCP\443
File Upload and Download	HTTPS	*.s3-accelerate.amazonaws.com	TCP\443
Application API Service	HTTPS	*.ringcentral.com	TCP\443
Messaging API Service	HTTPS	*.glip.com mvp.ringcentral.com dl.mvp.ringcentral.com	mvp.ringcentral.com dl.mvp.ringcentral.com TCP\443
Presence Status, Call Log Notifications, and Voicemail Notifications	HTTPS	ringcentral.pubnubapi.com	TCP\443
Android Application Push Notifications	HTTPS	mtalk.google.com	TCP\443, 5228, 5229, 5230
iOS Application Push Notifications	HTTPS	api.push.apple.com	TCP\443, 2197, 5223
Messaging Content Support	HTTPS	api.giphy.com media0.giphy.com media1.giphy.com media2.giphy.com media3.giphy.com media4.giphy.com	TCP\443
Software and Provisioning Updates	HTTPS	*.cloudfront.net	TCP\443
Firewall Access Control for Voice	STUN/TURN	*.ringcentral.com	Web: UDP\19302
RingCentral Video Mobile, Desktop, and Web Application	Add Table 3.2.2

3.2.2 RingCentral Video mobile, desktop, and web

In the following table:

The Connect Platform API is used by RCV video for user authentication and communication session control.
The Statistics Collector publishes detailed statistics about calls. The analytics portal (Table 1) makes use of a subset of the data extracted from the Statistics Collector.
The RCV Web Client Application does not need to be whitelisted if only the Desktop and Mobile version of the RCV App are used.
The Network Connectivity Test Application should be whitelisted to allow RCV Application users to test network connections.

Table 3.2.2 - RingCentral Video mobile, desktop, and web application
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media Secured	SRTP	*.v.ringcentral.com or IP Supernets	UDP\10000-19999 (default)
Media Secured	SRTP	*.v.ringcentral.com or IP Supernets	TCP\443 (when UDP is not available - should not be used routinely as it adversely impacts quality)
Signaling Secured	HTTPS/WSS/TLS	*.ringcentral.com or IP Supernets	TCP\443
RCV Web Client Application	HTTPS	v.ringcentral.com	TCP\443
Parser Configuration for Meeting Link Verification for the Mobile phones	HTTPS	media.ringcentral.com	TCP\443
Connect Platform API	HTTPS	api-meet.ringcentral.com api.ringcentral.com api-mucc.ringcentral.com (mobile device)	TCP\443
Statistics Collector	HTTPS	edr.ringcentral.com	TCP\443
Presence Status, Call Log Notifications, and Voicemail Notifications	HTTPS	ringcentral.pubnubapi.com	TCP\443
Application Configuration	HTTPS	downloads.ringcentral.com	TCP\443
Application Download and Update	HTTPS	app.ringcentral.com	TCP\443
Network Connectivity Test Application - Part of RCV	HTTPS	rcv.testrtc.com which uses: api.nettest.testrtc.com kong.testrtc.com .turn.testrtc.com .speed.testrtc.com	TCP\443 UDP\443

3.2.3 RingCentral Video Rooms

Table 3.2.3 - RingCentral Video Rooms
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media Secured	SRTP	IP Supernets	UDP\10000-19999 (default)
Media Secured	SRTP	IP Supernets	TCP\443 (if UDP is not available - should not be used routinely as it adversely impacts quality)
Signaling Secured	HTTPS	IP Supernets	TCP\443
SIP Registration Service	HTTPS/TLS	*.ringcentral.com	TCP\8085-8090
Rooms Host Device	HTTPS	Internal enterprise assigned private IP address (no WAN firewall traversal)	TCP\9520-9530
Login Portal	HTTPS	v.ringcentral.com	TCP\443
Notifications	HTTPS	ringcentral.pubnubapi.com	TCP\443
Software and Provisioning Updates	HTTPS	*.ringcentral.com	TCP\443

3.2.4 RingCentral Video with Room Connector

Table 3.2.4 - RingCentral Video with Room Connector
Purpose*	Application Protocol	Domain Name/IP Addresses	Destination Ports
	Media	RTP/SRTP	IP Supernets	UDP\10000-19999
	Signaling	SIP	sip.rcv.com ws.rcv.com es.rcv.com	UDP\5060 or TCP\5060
	Signaling Secured	SIP/TLS	sip.rcv.com ws.rcv.com es.rcv.com	TCP\5061

* Secured versus unsecured connectivity is controlled by the customer video device settings

3.2.5 RingCentral desk, conference, and cordless phone

Some 3rd party devices, such as the Polycom / Poly IP7000 speakerphone, do not support signaling or media encryption. They should be avoided in a deployment requiring complete security.
No separate ports are specified for Busy Lamp Appearance (BLA) since it uses the signaling ports and standard SIP NOTIFY packets.

Table 3.2.5 - RingCentral desk, conference and cordless phone
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media and Media Secured	RTP/SRTP	IP Supernets	UDP\20000-64999
Signaling	SIP	IP Supernets	TCP\5090, TCP\5099 UDP\5090, UDP\5099
Signaling Secured	SIP/TLS	IP Supernets	TCP\5096, TCP\5098**
Network Time Service	NTP	IP Supernets	UDP\123
Polycom/Poly Desk Phones and Conference Phones	HTTPS	Provisioning: pp.ringcentral.com	TCP\443
Polycom/Poly Desk Phones and Conference Phones	HTTPS	Firmware Update: pp.s3.ringcentral.com	TCP\443
Cisco Desk Phones Provisioning and Firmware Update	HTTPS	cp.ringcentral.com	TCP\443
Yealink Desk Phones Provisioning and Firmware Update	HTTPS	yp.ringcentral.com rps.yealink.com	TCP\443

**Ports 5098 and 5099 only need to be opened for Busy Lamp Appearance when line sharing is used.

3.2.6 RingCentral desktop softphone

Table 3.2.6 - RingCentral desktop softphone
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media and Media Secured	RTP/SRTP	IP Supernets	UDP\20000-64999
Signaling	SIP	IP Supernets	TCP\5091
Signaling Secured	SIP/TLS	IP Supernets	TCP\5097
Presence Status, Call Log Notifications, and Voicemail Notifications	HTTPS	.pubnub.com .pubnub.net *.pndsn.com ringcentral.pubnubapi.com (for newer endpoint versions)	TCP\443
Software and Provisioning Updates	HTTP/HTTPS	*.ringcentral.com	TCP\80 TCP\443
Platform API for user Authentication and Call Features	HTTPS	api-sp.ringcentral.com	TCP\443
Platform API for Media Service (for transferring media files: voice recordings, faxes, transcriptions, profile and contact information)	HTTPS	media.ringcentral.com	TCP\443
Google Services (Contacts and Calendar)	HTTPS	accounts.google.com www.google.com www.googleapis.com	TCP\443

3.2.7 RingCentral mobile softphone

Table 3.2.7 applies to the Mobile Phone Application when used on a WiFi network.

Table 3.2.7 - RingCentral mobile softphone
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media	RTP/SRTP	IP Supernets	UDP\20000-64999
Signaling	SIP	IP Supernets	TCP\5091 UDP\5091
Signaling Secured	SIP/WSS/TLS	IP Supernets	TCP\5097 TCP\443
Signaling (IPv6 client)	SIP/WSS/TLS	IP Supernets	TCP\5090-5098 TCP\443
SIP Registration Service	HTTPS	*.ringcentral.com	TCP\443
Application Presence Status, Call Log Notifications, and Voicemail Notifications - Used in Android, not in iOS	HTTPS	.pubnub.com .pubnub.net *.pndsn.com V19.4.20 or higher: ringcentral.pubnubapi.com	TCP\443
Data Sync with RingCentral backend (e.g., call log info, presence, and voicemails)	HTTPS	api-mob.ringcentral.com	TCP\443
Soft Clients Software and Provisioning Updates	HTTPS	*.cloudfront.net	TCP\443

3.2.8 RingCentral Meetings desktop

Table 3.2.8 - RingCentral Meetings - Desktop and Web Client
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media	RTP	IP Supernets	UDP\8801-8802 TCP\8801-8802
Media Secured and Signaling Secured	HTTPS/TLS	IP Supernets	UDP\443 TCP\443
Access Control	STUN/TURN		UDP\3478 TCP\3478 UDP\3479 TCP\3479
Login Portal	HTTPS	meetings.ringcentral.com	TCP\443
Login Portal	HTTPS	webinar.ringcentral.com	TCP\443
Media Servers	HTTPS	.zoom.us .meetzoom.us 34.196.189.103	TCP\443

3.2.9 RingCentral Meetings with Room Connector

Table 3.2.9 - RingCentral Meetings with Room Connector (H.323 and SIP)
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Media	RTP/SRTP	IP Supernets	UDP\9000-10000
Signaling	SIP	IP Supernets	UDP\3000-4000 UDP\5060 TCP\3000-4000 TCP\5060
Signaling	H.323	IP Supernets	TCP\1720
Signaling Secured	SIP/TLS	IP Supernets	TCP\5061
Streaming			UDP\8801-8803 TCP\8801-8803
Authentication and Software Update	TLS	*.zoom.us	TCP\80, TCP\443

3.3 RingCentral archiver

The RingCentral Archiver is a cloud-side integration to allow administrators to copy call content, including recordings, voicemail, fax, and SMS to a long-term enterprise-owned repository. The Archiver can be used to ensure that call data is retained over a long period of time and to meet data residency and regulatory retention requirements.

Table 3.3.1 - RingCentral Archiver

Purpose

Application Protocol

Domain Name/IP Addresses

Destination Ports

Content Archiving

HTTPS

For Box, Dropbox, Google Drive, and Smarsh archiving systems

TCP\443
(does not traverse enterprise network)

SFTP

For archiving to an enterprise SFTP server, the following SFTP client IP addresses must be whitelisted:

34.225.218.68

34.226.29.169

34.234.210.244

34.236.210.8

34.239.13.99

35.172.123.110

52.87.7.127

54.80.51.95

Any of these IP addresses may dynamically be selected by the RingCentral SFTP client to connect to an enterprise SFTP server.

TCP\22

3.4 SIP trunks

Table 3.4.1 - SIP Trunks

Purpose

Application Protocol

Domain Name/IP Addresses

Destination Ports

Media

RTP

Public IP addresses to be provided by RingCentral during project definition

UDP\1024-65535

Signaling

SIP

UDP\5060

TCP\5061-5065

3.5 Communication integration services

Enterprises can use MVP and RCV Communication Integration Services to develop soft-endpoint communication clients.

The next table summarizes the programmatic Communication Integration Services which allow enterprises to build their own soft endpoint clients. These services may need to be whitelisted in a firewall or web proxy:

1. Only the actual set of services that are used must be whitelisted. For example:

a. If no Integration Services are used, then these domains do not need to be
whitelisted.

b. The Embeddable Application API only needs to be whitelisted if applications
based on this API are actually implemented.

2. The Integration API Service is the foundation API on which all Communication
Integration Services rely and must be whitelisted.

3. The Endpoint Registration Service is needed to register all Integration Services
(WebRTC) endpoints with the RingCentral Cloud Communication Service and,
therefore, must be whitelisted.

4. The RCV Scheduling Service is used for creating and manipulating RCV
meetings.

5. The Microsoft Teams (Slack) Integration Service integrates services including
MVP and RCV into Teams (Slack).

6. The Platform API can be used to develop applications such as an outbound
dialer that are separate from or integrated into existing business applications.

Table 3.5.1 - Communication Integration Services
Purpose	Application Protocol	Domain Name/IP Addresses	Destination Ports
Integration API Service	HTTPS	api-rcapps.ringcentral.biz api-rcapps.ringcentral.com	TCP\443
Endpoint Registration Service	HTTPS	sip*.ringcentral.com	TCP\8083
RCV Scheduling Service	HTTPS	api-meet.ringcentral.com	TCP\443
Microsoft Teams Integration Service	HTTPS	teams.ringcentral.com	TCP\443
Slack Integration Service	HTTPS	slack.ringcentral.com	TCP\443
Platform API to Develop Separate Applications	HTTPS	platform.ringcentral.com	TCP\443
Platform API to Develop Embedded Applications	HTTPS	platform.ringcentral.com	TCP\443

4. DNS

All endpoints and services require Internet-based DNS to function properly. In the case where private DNS is used, it must perform forward-lookups to Internet-based DNS.

For example, endpoints rely on a DNS service to resolve the provisioning service domain name (e.g., pp.ringcentral.com).

5. NAT

Network Address Translation/Port Address Translation functionality (generically referred to as NAT) is applied at the border between two networks to translate between address spaces or prevent collision of IP address spaces.

For proper operation of hard phones, a minimum Network Address Translation time out needs to be configured. Cisco phones send a follow-up REGISTER refresh message every 4 minutes, Polycom/Poly phones every 5 minutes so that NAT entry expiration timeout must be set to greater than 5 minutes to cover hard phones.

6. Security software

Cloud-based security client software (network firewalls and web proxies) and client-firewall may need to be configured to bypass supernet and other MVP traffic when this interferes with the operation of endpoints.

7. Prioritization of a network connection on MS Windows

For soft-client endpoints with multiple network connections (wired or wireless), it must be ensured that the traffic uses only one connection. Sometimes, the computer is configured to use network connections with equal priority, which causes issues with VoIP and Video calls using soft-clients. The next steps can be executed to ensure a WiFi network connection is used. Similar steps can be executed to prioritize a wired network connection.

At the bottom left of the MS Windows screen, select Start.
Type cmd in the search bar to open a terminal window.
Type route print in the terminal.

The output shows the metrics used for different interfaces on the computer. To ensure that traffic passes the WiFI network execute:

At the bottom left of your screen, select Start.
Type Control Panel in the search bar.
Select Network and Internet.
Select View network status and tasks.
Select Change adapter settings.
Select the checked WiFi adapter.
Select Properties by clicking the right mouse button.
Login as Administrator (if needed).
Select Internet Protocol Version 4 (TCP/IPv4).
Select Properties.
Select Advanced.
Uncheck Automatic metric.
Enter 9999 to give the WiFi interface the highest priority.
Select OK.
Type route /f to clear routing table entries.
Reboot so that the new interface priority is activated.
Verify the metric by executing route print in the terminal window.

8. Quality of service guidelines

To ensure that traffic is properly prioritized, the Quality of Service Guidelines must be followed. Otherwise, intermittent call control or media quality issues may be experienced by communication parties.

9. Unsupported devices and configurations

Some types of devices, device settings, and network configurations are not supported/recommended in an MVP communication solution as they are known to cause issues related to endpoint registration, call feature operation, or continuous or intermittent voice or video quality issues (contributing to high latency, packet loss, or jitter).

For proper operation of MVP services, the functions listed in Table 9.1 should be disabled on IP devices (Layer 3 switches, routers, firewalls) and Ethernet switches or be avoided. Disabling the mentioned functionality for the IP and higher layers can be limited to the supernets by applying policy-based control. For example, WAN acceleration can be configured to the pass-through mode for UDP traffic originating from and destined to the supernets.

Table 9.1 Functions that may impair SIP signaling and/or RTP media traffic
Layer	Function
Application	• SIP Application Layer Gateway (SIP ALG), also referred to as SIP Transformations • SIP inspection • Deep Packet Inspection (DPI) • Application Layer Access Control • Stateful Packet Inspection (SPI), also called Dynamic Packet Filtering • Intrusion Detection/Intrusion Prevention System (IDS/IPS) • Web Proxy operation • WAN Acceleration
Transport	• Port filtering
IP	• Packet-by-packet load balancing across multiple Service Providers links
IP & Data Link	• Auto-QoS, when used in combination with Polycom/Poly phones • Dynamic ARP Inspection
Physical	• Energy Efficient Ethernet (a.k.a. Green Ethernet) • Satellite (Ethernet over microwave) network connections

Specifically:

For some of the functionality mentioned under Application Layer Functions, packet content may traverse a separate processing engine, resulting in the mentioned impairments. The impact may be minimal when using advanced networking devices but could be substantial for SMB and SoHo devices.
Enabling SIP ALG may cause signaling issues resulting in non- or partially functioning call features and or one-way or no-audio.
SIP Inspection must be disabled since it may cause intermittent call control or media transport issues.
IDS/IPS functions may limit packet streams to a specific bandwidth causing intermittent audio issues across multiple calls when the number of calls exceeds a certain volume. WAN accelerators use header compression to reduce bandwidth consumption. For VoIP traffic, this can result in increased jitter.
Web proxies typically do not support QoS, so that any VoIP and video traffic passed through it may experience excessive latency and jitter.
Port filtering, such as UDP flood protection, may limit bandwidth, causing intermittent voice quality issues when many simultaneous calls occur.
Packet-by-packet load balancing across multiple internet connections is not supported because signaling and media for a single session must originate from the same IP address.
Use of Auto-QoS may cause voice quality issues (such as distortions or incorrect volume levels) with older Polycom/Poly speakerphones and older versions of desk phones.
Green Ethernet is used on switch ports to save energy by automatically setting them into low power mode after they have not passed traffic for some time. This may also cause intermittent signaling and media traffic issues.
Satellite connections introduce delays much exceeding 150 ms in each direction and, depending on the quality of the satellite connection, may also cause excessive jitter and packet loss. It depends on end-user expectations whether this is acceptable.