Question

What are the minimum network requirements to use the Vonage Video API?

Applies To

  • Vonage Video API
  • Network Requirements
  • Firewall Requirements
  • Proxy Requirements

Answer

Firewall Requirements

Vonage Video API services require access to specific ports. At a minimum, the following requirements must be met:

  • Open TCP port 443
  • Whitelist the following domains:
    • *.tokbox.com
    • *.opentok.com

Along with the minimum requirements, opening UDP Port 3478 will provide a better experience. UDP is recommended over TCP for better quality audio and video. UDP favors timeliness over reliability, which is consistent with human perceptive preferences, where we can fill in gaps but are sensitive to time-based delays.

This port only accepts inbound traffic after an outbound request is sent. The connection is bidirectional but is always initiated from the corporate network/client, so it is not possible for an external entity to send malicious traffic in the opposite direction. For the best possible experience, we recommend opening UDP ports 1025 – 65535.

Whitelist the following HTTPS verification servers for our HTTPS certificate. Not doing so may cause console warnings, but should not affect the session.

  • ocsp.godaddy.com
  • crl.godaddy.com

Proxy Requirements

As a general rule, using the latest versions of the Vonage Video API and browsers will produce the best results. Most proxies are supported in browsers and mobile apps today. If the only way to access the Internet from your network is through a proxy, then it must be a transparent proxy or it must be configured in the browser for HTTPS connections. WebRTC does not work with proxies requiring authentication. Along with these requirements, clients may have the following rules:

  • Chrome
    • Although not every option has been tested, recent versions have full support for authentication.
    • Pre-58 versions support NTLM authentication.
    • We’ve found a forwarding proxy setup with Kerberos does not work.
  • Firefox does not support proxies that inspect packets to validate that connections are real TLS connections, because Firefox does not support TURN over TLS.
  • iOS does not support proxy configurations that use .pac files.

Additional Information

For a visual guide on Vonage Video API network requirements in restricted networks, see our Developer documentation for Restricted Network Guidelines.