Documentation

pascom Cloud Phone System Documentation and Release Notes

Port Overview | Firewall Configuration

Configure your firewall

Many companies have no restricted Internet access and can therefore use the pascom server immediately, without any adjustment to the firewall.

However, if you specify exactly which Internet services your company network may access, please activate the following ports in your firewall to allow smooth operation of the pascom phone system

Port Overview Cloud


Port Function Device Source Target
123/UDP/TCP Access to TimeServer (NTP) Your Network pool.ntp.org
5061/TCP SIP-Connection Your Network pascom.cloud*
30.000-35.000/UDP RTP-Voice Your Network pascom.cloud*
636/TCP LDAPS, Phonebook Your Network pascom.cloud*
8884/TCP Phone Provisioning Your Network pascom.cloud*
443/TCP Updates, Push, Fax, Voicemail, Recordings, Filetransfer, WebClient, Chat Your Network pascom.cloud*
19302/UDP+TCP WebRTC / Google STUN
Your Network pascom.cloud*,
stun.l.google.com,
stun1.l.google.com,
stun2.l.google.com,
stun3.l.google.com
8885/TCP VPN Tunnel to PBX Your Network pascom.cloud*

Legend

= pascom Server
= Desktop Client
= Mobile Client
= IP-Phone
= WebClient

| * = The pascom.cloud can target different IP addresses

IP addresses of the pascom.cloud outgoing (Cloud phone system)

The IP address used by the outgoing cloud phone system is dynamic and can change at any time. For this reason, it is not advisable to use this in a firewall rule.

Therefore, please use the pascom VPN Service to connect LDAP servers, for example.

IP addresses of the pascom.cloud incoming (pascom Apps)

Instead of a fixed IPv4 or IPv6 IP address, use the DNS entry “ip.pascom.cloud “. If you resolve it, you will get all IPv4 and IPv6 IP addresses that pascom.cloud is using at the moment.

The DNS record “ip.pascom.cloud “ can be used in two ways

Resolve DNS record manually

Resolve it manually with tools like “dig “ or “nslookup “ to get the IP addresses:

# ipv4 with dig:
dig +short ip.pascom.cloud A

# ipv6 with dig:
dig +short ip.pascom.cloud AAAA

# ipv4 with nslookup
nslookup -q=A ip.pascom.cloud

# ipv6 with nslookup
nslookup -q=AAAA ip.pascom.cloud

Set DNS entry directly in the firewall

Use the DNS record “ip.pascom.cloud “ directly in your firewall as destination or source. This only works if your firewall can use or resolve DNS names instead of IP addresses and updates them regularly.

QoS settings

pascom.cloud marks voice and signal packets. Many routers / switches take this into account as standard or can be configured accordingly.

Package type TOS COS DSCP decimal
Voice ef / 184 5 46
Signaling cs3 / 96 3 24

All pascom clients also mark packages accordingly. Please note that group policies must be set for this under Windows. See Windows QoS Settings.