Table 2.1 - Advertised IP Supernets |
|
Table 3.1.1 - Common cloud services | ||||
---|---|---|---|---|
Purpose |
Application protocol |
Domain name/IP addresses |
Resolves to Supernet address? (yes/no)
|
Destination ports |
Company website |
HTTPS |
www.ringcentral.com |
No | TCP\443 |
Service status portal |
HTTPS |
status.ringcentral.com |
No | TCP\443 |
Customer support | HTTPS | support.ringcentral.com | No | TCP\443
|
Discovery service API | HTTPS | discovery.ringcentral.biz | Yes | TCP\443 |
Account federation management portal | HTTPS | accounts.ringcentral.com | Yes | TCP\443 |
Service Web portal
|
HTTPS
|
service.ringcentral.com
|
Yes | TCP\443
|
Service Web portal - UK | HTTPS | service.ringcentral.co.uk | Yes | TCP\443 |
Service Web portal - Europe | HTTPS | service.ringcentral.eu | Yes | TCP\443 |
Administrator/User account login portal | HTTPS |
login.ringcentral.com | Yes | TCP\443 |
Administrator/User account login portal - UK
|
HTTPS | login.ringcentral.co.uk
|
Yes | TCP\443 |
Administrator/User account portal - Europe | HTTPS | login.ringcentral.eu | Yes | TCP\443 |
Analytics portal |
HTTPS |
analytics.ringcentral.com |
No | TCP\443 |
Analytics portal - Canada |
HTTPS |
analytics.ringcentral.ca
|
No | TCP\443 |
Analytics portal - UK |
HTTPS |
analytics.ringcentral.co.uk |
No | TCP\443 |
Analytics portal - Europe |
HTTPS |
analytics.ringcentral.eu |
No | TCP\443 |
Table 3.2.1 - RingCentral App - web, desktop, and mobile |
|||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media/media secured and media access control |
RTP/SRTP (DTLS) |
IP supernets |
UDP\20000-64999 and UDP\19302 |
Signaling - mobile app |
SIP/TCP |
IP supernets |
TCP\5091 |
Signaling secured - mobile app |
SIP/TLS |
IP supernets |
TCP\5097 |
Signaling secured - mobile app |
SIP/WSS/TLS |
IP supernets |
TCP\443 |
Signaling secured desktop and web app |
SIP/WSS/DTLS |
IP supernets |
TCP\8083 |
IOVATION SDK for two-factor login |
HTTPS |
mpsnare.iesnare.com ringcentral.112.2o7.net |
TCP\443 |
Application file upload and download |
HTTPS |
glip-vault-1.s3.amazonaws.com glip-vault-1.s3-accelerate.amazonaws.com |
TCP\443 |
Log file upload |
HTTPS |
www.filestackapi.com |
TCP\443 |
Application service API |
HTTPS |
*.ringcentral.com |
TCP\443 |
Messaging service API |
HTTPS |
*.glip.com mvp.ringcentral.com dl.mvp.ringcentral.com |
TCP\443 |
Messaging content support | HTTPS | api.giphy.com
media0.giphy.com
media1.giphy.com
media2.giphy.com
media3.giphy.com
Media4.giphy.com
i.embed.ly
|
TCP\443 |
Presence status, call log notifications, and voicemail notifications |
HTTPS |
ringcentral.pubnubapi.com ringcentral-1.pubnubapi.com ringcentral-2.pubnubapi.com ringcentral-3.pubnubapi.com ringcentral-4.pubnubapi.com ringcentral-5.pubnubapi.com ringcentral-6.pubnubapi.com ringcentral-7.pubnubapi.com ringcentral-8.pubnubapi.com ringcentral-9.pubnubapi.com |
TCP\443 |
Android app push notifications - mobile app |
HTTPS |
mtalk.google.com |
TCP\443, 5228, 5229, 5230 |
iOS application push notifications - mobile app |
HTTPS |
api.push.apple.com |
TCP\443, 2197, 5223 |
Software and provisioning updates |
HTTPS |
*.cloudfront.net |
TCP\443 |
Help (lower left corner of the app, covers help and video content) |
HTTPS |
community.ringcentral.com
*.demdex.net
*.coveo.com
*.vimeo.com
*.akamaized.net
www.youtube.com
js-agent.newrelic.com
bam.nr-data.net
cdn.cookielaw.org
|
TCP\443 |
RingCentral video mobile, desktop, and web application |
Refer to Table 3.2.2 |
Table 3.2.2 - RingCentral Video app - web, desktop, and mobile | |||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media secured |
SRTP |
IP supernets
|
UDP\10000-19999 (default) |
TCP\443 (when UDP is not available - should not be used regularly, as it can affect voice quality) |
|||
Signaling secured |
HTTPS/WSS/TLS |
IP supernets |
TCP\443 |
Application service API |
HTTPS |
v.ringcentral.com |
TCP\443 |
Parser configuration for meeting link verification for mobile phones |
HTTPS |
media.ringcentral.com |
TCP\443 |
Connect platform API |
HTTPS |
api-meet.ringcentral.com api.ringcentral.com api-mucc.ringcentral.com (mobile device) |
TCP\443 |
Statistics collector |
HTTPS |
edr.ringcentral.com |
TCP\443 |
Presence status, call log notifications, and voicemail notifications |
HTTPS |
ringcentral.pubnubapi.com ringcentral-1.pubnubapi.com ringcentral-2.pubnubapi.com ringcentral-3.pubnubapi.com ringcentral-4.pubnubapi.com ringcentral-5.pubnubapi.com ringcentral-6.pubnubapi.com ringcentral-7.pubnubapi.com ringcentral-8.pubnubapi.com ringcentral-9.pubnubapi.com |
TCP\443 |
Application configuration |
HTTPS |
downloads.ringcentral.com |
TCP\443 |
Application download and update |
HTTPS |
app.ringcentral.com |
TCP\443 |
Feature enablement control |
HTTPS |
*.launchdarkly.com app.launchdarkly.com events.launchdarkly.com clientstream.launchdarkly.com mobile.launchdarkly.com |
TCP\443 |
Network connectivity test application - part of RCV |
HTTPS |
rcv.testrtc.com api.nettest.testrtc.com kong.testrtc.com *.turn.testrtc.com *.speed.testrtc.com |
TCP\443 UDP\443 |
Table 3.2.3 - RingCentral Webinar host client and attendee client |
|||
Purpose |
Application Protocol |
Domain Name/IP Addresses |
Destination Ports |
RingCentral Video |
Refer to Table 3.2.2 |
||
Fetch webinar session live streaming media segments |
HTTPS |
*.cloudfront.net |
TCP\443 |
Table 3.2.4 - RingCentral Video Rooms |
|||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media secured |
SRTP |
IP supernets |
UDP\10000-19999 (default) |
SRTP |
IP supernets |
TCP\443 (Use only if UDP is not available. Should not be used regularly, as it affects voice quality.) |
|
Signaling secured |
HTTPS |
IP supernets |
TCP\443 |
SIP registration service |
HTTPS/TLS |
*.ringcentral.com |
TCP\8085-8090 |
Rooms host device |
HTTPS |
Internal enterprise assigned private IP address (no WAN firewall traversal) |
TCP\9520-9530 |
Login portal |
HTTPS |
v.ringcentral.com |
TCP\443 |
Notifications |
HTTPS |
ringcentral.pubnubapi.com ringcentral-0.pubnubapi.com ringcentral-1.pubnubapi.com ringcentral-2.pubnubapi.com ringcentral-3.pubnubapi.com ringcentral-4.pubnubapi.com ringcentral-5.pubnubapi.com ringcentral-6.pubnubapi.com ringcentral-7.pubnubapi.com ringcentral-8.pubnubapi.com ringcentral-9.pubnubapi.com |
TCP\443 |
Software and provisioning updates |
HTTPS |
*.ringcentral.com |
TCP\443 |
Table 3.2.5 - RingCentral Video with Room Connector |
|||
Purpose* |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media |
RTP/SRTP |
IP supernets |
UDP\10000-19999 |
Signaling |
SIP |
Region-independent: sip.rcv.com US West: ws.rcv.com US East: es.rcv.com Netherlands: nld.rcv.com Germany: deu.rcv.com South Africa: zaf.rcv.com Singapore: sgp.rcv.com Australia: aus.rcv.com Japan: jpn.rcv.com |
UDP\5060 or TCP\5060 |
Signaling secured |
SIP/TLS |
Region-independent: sip.rcv.com US West: ws.rcv.com US East: es.rcv.com Netherlands: nld.rcv.com Germany: deu.rcv.com South Africa: zaf.rcv.com Singapore: sgp.rcv.com Australia: aus.rcv.com Japan: jpn.rcv.com |
TCP\5061 |
Table 3.2.6 - RingCentral Phones - desk, conference, and cordless | |||
---|---|---|---|
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media and media secured |
RTP/SRTP |
IP supernets |
UDP\20000-64999 |
Signaling |
SIP |
IP supernets |
TCP\5090, TCP\5099** UDP\5090, UDP\5099** |
Signaling secured |
SIP/TLS |
IP supernets |
TCP\5096, TCP\5098** |
Network time service |
NTP |
ntp1.ringcentral.com and ntp2.ringcentral.com |
UDP\123 |
LDAP directory service |
LDAP |
cd.ringcentral.com |
TCP\636 |
Poly phones provisioning and firmware update |
HTTPS |
Provisioning: pp.ringcentral.com ztp.polycom.com pp.s3.ringcentral.com |
TCP\443 |
Cisco phones provisioning and firmware update |
HTTPS |
Provisioning:
cp.ringcentral.com Firmware update:
cp.s3.ringcentral.com |
TCP\443 |
Yealink phones provisioning and firmware update |
HTTPS |
Provisioning:
rps.yealink.com yp.ringcentral.com Firmware update:
yp.s3.ringcentral.com |
TCP\443 |
Avaya phones provisioning and firmware update | HTTPS | Provisioning and firmware update: des.avaya.com av.ringcentral.com |
TCP\443 |
Unify phone provisioning and firmware update |
HTTPS |
Provisioning: |
Provisioning: |
Mitel phones provisioning and firmware update |
HTTPS |
Provisioning:
mtl.ringcentral.com rcs.aastra.com Firmware update:
mtl.s3.ringcentral.com |
TCP\443 |
SNOM phones provisioning and firmware update |
HTTPS |
Provisioning:
snm.ringcentral.com Firmware update:
snm.s3.ringcentral.com |
TCP\443 |
ALE phones provisioning and firmware update | HTTPS | Provisioning:
devices.eds.al-enterprise.com Firmware update:
ale.ringcentral.com |
TCP\443 |
Table 3.2.7 - RingCentral Softphone App - desktop |
|||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media and media secured |
RTP/SRTP |
IP supernets |
UDP\20000-64999 |
Signaling |
SIP |
IP supernets |
TCP\5091 |
Signaling secured |
SIP/TLS |
IP supernets |
TCP\5097 |
Presence status, call log notifications, and voicemail notifications |
HTTPS |
ringcentral.pubnubapi.com ringcentral-0.pubnubapi.com ringcentral-1.pubnubapi.com ringcentral-2.pubnubapi.com ringcentral-3.pubnubapi.com ringcentral-4.pubnubapi.com ringcentral-5.pubnubapi.com ringcentral-6.pubnubapi.com ringcentral-7.pubnubapi.com ringcentral-8.pubnubapi.com ringcentral-9.pubnubapi.com |
TCP\443 |
Software and provisioning updates |
HTTP/HTTPS |
*.ringcentral.com |
TCP\80 TCP\443 |
Platform API for user authentication and call features |
HTTPS |
api-sp.ringcentral.com |
TCP\443 |
Platform API for media services (for transferring media files: voice recordings, faxes, transcriptions, profile and contact information) |
HTTPS |
media.ringcentral.com |
TCP\443 |
Google services (contacts and calendar) |
HTTPS |
accounts.google.com www.google.com www.googleapis.com |
TCP\443 |
Table 3.2.8 - RingCentral Softphone app - mobile |
|||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Media |
RTP/SRTP |
IP supernets |
UDP\20000-64999 |
Signaling |
SIP |
IP supernets |
TCP\5091 UDP\5091 |
Signaling secured |
SIP/TLS |
IP supernets |
TCP\5097 |
Signaling (IPv6 client) |
SIP/TLS |
IP supernets |
TCP\5090-5098 |
SIP registration service |
HTTPS |
*.ringcentral.com |
TCP\443 |
Application presence status, call log notifications, and voicemail notifications - used in Android, not in iOS |
HTTPS |
ringcentral.pubnubapi.com ringcentral-0.pubnubapi.com ringcentral-1.pubnubapi.com ringcentral-2.pubnubapi.com ringcentral-3.pubnubapi.com ringcentral-4.pubnubapi.com ringcentral-5.pubnubapi.com ringcentral-6.pubnubapi.com ringcentral-7.pubnubapi.com ringcentral-8.pubnubapi.com ringcentral-9.pubnubapi.com |
TCP\443 |
Data synchronization with cloud (e.g., call log info, presence, and voicemails) |
HTTPS |
api-mob.ringcentral.com |
TCP\443 |
Soft clients software and provisioning updates |
HTTPS |
*.cloudfront.net |
TCP\443 |
Table 3.3.1 - RingCentral Archiver |
|||
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Content archiving |
HTTPS |
For Box, Dropbox, Google Drive, and Smarsh archiving systems |
TCP\443 |
SFTP |
For archiving to an enterprise SFTP server, the following SFTP client IP addresses must be whitelisted: 3.211.163.136 3.223.170.110 34.225.218.68 34.226.29.169 34.234.210.244 34.236.210.8 34.239.13.99 35.172.123.110 52.87.7.127 54.80.51.95 Any of these IP addresses may dynamically be selected by the RingCentral SFTP client to connect to an enterprise SFTP server. |
TCP\22 |
Table 3.4.1 - SIP trunks | |||
---|---|---|---|
Purpose |
Application protocol |
IP addresses |
Destination ports |
Media |
RTP |
Public IP addresses to be provided by RingCentral during project definition. |
UDP\1024-65535 |
Signaling |
SIP |
UDP\5060 TCP\5061-5065 |
Table 3.5.1 - Communication integration services | |||
---|---|---|---|
Purpose |
Application protocol |
Domain name/IP addresses |
Destination ports |
Integration service API |
HTTPS |
api-rcapps.ringcentral.biz api-rcapps.ringcentral.com |
TCP\443 |
Endpoint registration service |
HTTPS |
sip*.ringcentral.com |
TCP\8083 |
Video scheduling service |
HTTPS |
api-meet.ringcentral.com |
TCP\443 |
Microsoft Teams integration service |
HTTPS |
teams.ringcentral.com |
TCP\443 |
Slack integration service |
HTTPS |
slack.ringcentral.com |
TCP\443 |
Stand-alone platform API |
HTTPS |
platform.ringcentral.com |
TCP\443 |
Embeddable platform API |
HTTPS |
platform.ringcentral.com |
TCP\443 |
Table 3.6 RingCentral cloud IP addresses for on-premises Microsoft Exchange server | |
---|---|
Region |
Domain name/IP addresses |
North America |
3.223.170.110 54.147.91.15 3.211.163.136 |
Europe |
18.196.95.223 3.122.161.21 3.122.122.53 |