Port Overview | Firewall Configuration

+ Cloud and Self Hosted

Here you will find an overview of the necessary port clearances in your firewall.

Configure your firewall

Many companies have no restricted Internet access and can therefore use the pascom server immediately, without any adjustment to the firewall.

However, if you specify exactly which Internet services your company network may access, please activate the following ports in your firewall to allow smooth operation of the pascom phone system

Port Overview Cloud

Port Function Device Source Target
5061/TCP SIP-Connection Your Network pascom.cloud*
30.000-35.000/UDP RTP-Voice Your Network pascom.cloud*
636/TCP LDAPS, Phonebook Your Network pascom.cloud*
8884/TCP Phone Provisioning Your Network pascom.cloud*
443/TCP Updates, Push, Fax, Voicemail, Recordings, Filetransfer, WebClient Your Network pascom.cloud*
3478 Video-Functionality/UDP Your Network pascom.cloud*
5222/TCP Chat Your Network pascom.cloud*
19302/UDP+TCP WebRTC - WebClient Your Network pascom.cloud*
8885/TCP VPN Tunnel to PBX Your Network pascom.cloud*


Legend

= pascom Server
= Desktop Client
= Mobile Client
= IP-Phone
= WebClient

| * = The pascom.cloud can target different IP addresses

Port Overview Onsite

Port Function Device Source Target
80 / 443/TCP Licenseserver, Push Your Network my.pascom.net
443/TCP pascom Remote Support via VPN Your Network tunnel.pascom.net
25/TCP Access to pascom Mailserver Your Network cloudmx1.pascom.net, cloudmx2.pascom.net
123/TCP Access to TimeServer (NTP) Your Network ntp.pool.org


To access your devices via the Internet in your network to the pascom telephone system, you need the same port clearances as for the cloud variant. (or also with subnets)

Port Function Device Target
5061/TCP SIP-Connection Your Network
30.000-35.000/UDP RTP-Voice Your Network
636/TCP LDAPS, Phonebook Your Network
8884/TCP Phone Provisioning Your Network
443/TCP Updates, Push, Fax, Voicemail, Recordings, Filetransfer, Client Authentication Your Network
3478/UDP Video-Functionality Your Network
5222/TCP Chat Your Network
19302/UDP+TCP WebRTC - WebClient Your Network
8885/TCP VPN Tunnel to PBX Your Network
80/TCP Let’s Encrypt Certificate Your Network


Legend

= pascom Server
= Desktop Client
= Mobile Client
= IP-Phone
= WebClient

| * = The pascom.cloud can target different IP addresses

IP addresses of the pascom.cloud

The IP addresses of pascom.cloud are dynamic and can change at any time. For this reason, it is not advisable to set a fixed IPv4 or IPv6 IP address as the firewall rule.

Instead, use the DNS entry “ip.pascom.cloud “. If you resolve it, you will get all IPv4 and IPv6 IP addresses that pascom.cloud is using at the moment.

The DNS record “ip.pascom.cloud “ can be used in two ways

Resolve DNS record manually

Resolve it manually with tools like “dig “ or “nslookup “ to get the IP addresses:

# ipv4 with dig:
dig +short ip.pascom.cloud A

# ipv6 with dig:
dig +short ip.pascom.cloud AAAA

# ipv4 with nslookup
nslookup -q=A ip.pascom.cloud

# ipv6 with nslookup
nslookup -q=AAAA ip.pascom.cloud

Set DNS entry directly in the firewall

Use the DNS record “ip.pascom.cloud “ directly in your firewall as destination or source. This only works if your firewall can use or resolve DNS names instead of IP addresses and updates them regularly.