How To | Understand network ports and firewalls to make a SIP call using Q-SYS
Gain an understanding of the network ports required to make a SIP call through a Q-SYS firewall.
If you are not finding the results you need and still have questions, submit a request using the form below and our Tech Docs team will get right on it. Our goal is to provide the content you need!
Your engagement helps us create the content you need. Click here to review this article.
Table of Contents
There are two distinct elements to a VoIP call:
- The Session Initiation Protocol (SIP), which is responsible for call negotiation, setup and teardown
- The Real Time Protocol (RTP), which transports call audio between parties.
Most phone systems will use port 5060 for non-encrypted signaling traffic, whether UDP or TCP. There may be exceptions, so check the PBX user documentation. Port 5061 is typically used for TLS encrypted traffic.
Additional information: Older versions of the Q-SYS softphone only supported UDP but current versions support UDP as well as TCP and TLS (Transport Layer Security, a protocol that runs over TCP and provides end-to-end security for SIP signaling by encrypting SIP messages that are exchanged between the Q-SYS SIP softphones and far end SIP endpoints or PBXs.
While the SIP ports used by a VoIP system are typically fixed, The RTP ports are typically dynamic. The typical RTP port range of a given system are UDP ports 10,000-30,000.
To make VoIP calls through a firewall, open:
UDP/TCP ports 5060-5061
UDP ports 10,000-30,000
This assumes the firewall is not making use if Port Address Translation (PAT). This may complicate matters with proper VoIP call transversal.