العربية Español Español (Latinoamérica) Français 한국어 简体中文

Knowledge Base

Articles in this section

How do I access KUDO through a firewall?

  • Updated

KUDO Firewall rules

Quick links:

  1. Domains

  2. Ports

  3. Proxies

  4. Firewall behaviors

  5. KUDO for Microsoft Teams

  6. IP ranges

DOMAINS

Depending on your company's firewall or endpoint security settings, you might have to whitelist the following domains: 

  • *.kudoway.com (if your account is in the USA region)
  • *.kudoway.eu  (if your account is in the Europe region)
  • *.kudoway.ca (if your account is in the Canadian region)
  • *.tokbox.com 
  • *.opentok.com

If your firewall doesn’t allow wildcard whitelisting or your company’s policy prevents you from doing wildcard whitelisting, you can narrow it down using specific sub-domains:

USA region

  • https://live.kudoway.com
  • https://api.kudoway.com
  • https://session-console.kudoway.com

Europe region

  • https://live.kudoway.eu
  • https://api.kudoway.eu
  • https://session-console.kudoway.eu

Canada region

  • https://live.kudoway.ca
  • https://api.kudoway.ca
  • https://session-console.kudoway.ca

PORTS

All media (audio and video) traffic will go through STUN servers, and the recommended protocol is UDP (3478). However, if your company’s security policy is blocking UDP, our system will fallback the media traffic to TCP on SSL (443). All traffic is bi-directional.

Required TCP port: 443

Recommended UDP port: 3478 (UDP traffic is recommended because of its low overhead, leading to better video quality in most cases).

 

Using KUDO with a proxy

If the only way to access the Internet from your network is through a proxy then it must be a transparent proxy or it must be configured in the browser for HTTPS connections.

We do not support proxies requiring authentication.

 

Firewall behaviors

In some cases, we have seen users experiencing issues with media (audio and video) after a short period of usage. This might be related to their firewall or endpoint security settings where stateful packet inspection or flood control will deprioritize or throttle media streams, hence reducing the quality or, in some cases, blocking the stream. In these extreme cases, we recommend you contact your company’s IT security.

 

Microsoft Teams

If you are using KUDO with Microsoft Teams, while all the above security considerations apply, you will need to allow or whitelist the following sub-domains and ports:

  • https://teams-bot.kudoway.com
  • https://teams-web.kudoway.com
  • TCP port: 8445
  • TCP port: 9444

 

IP ranges

KUDO is using dynamic IP and elastic load balancing; hence we cannot guarantee the exact IPs used for your meetings. However, we can provide you with a range. For technical and security reasons, we do change these ranges periodically. If your company is whitelisting these ranges, you can explicitly ask KUDO to add you to our mailing list to get an updated range. We do notify customers three weeks ahead of the changes.

 

IP version support

KUDO platforms support IPv4. The support for IPv6 will be available in Q2 2022. 

 

IP Range

You might have to whitelist two sections, depending on your firewall security settings and policies:

  1. Account region related
  2. KUDO Media Services

 

Updated IP range as of March 2022

USA Server (Mandatory if the account is in the US region)
44.194.123.245 
54.183.2.235
Europe Server (Mandatory if the account is in the European region)
3.125.64.235 
34.247.171.240
Canada Server (Mandatory if the account is in the Canadian region)
3.97.146.187
CHINA Server (Mandatory if the account is in the China region)
47.52.44.158
47.52.109.58
KUDO Media Services (Mandatory)
{
 "ipv4": [

  "3.123.12.128/28",
  "3.127.48.224/28",
  "3.214.145.96/27",
  "3.234.232.160/27",
  "3.234.248.80/28",
  "3.235.255.176/28",
  "3.248.234.48/28",
  "3.248.243.144/28",
  "3.248.244.96/27",
  "3.25.48.192/28",
  "3.38.113.0/24",
  "3.38.114.0/24",
  "3.38.91.128/25",
  "3.7.161.0/26",
  "3.7.161.48/28",
  "13.251.158.0/28",
  "15.228.1.16/28",
  "18.139.118.176/28",
  "18.141.165.128/27",
  "18.156.18.0/27",
  "18.157.71.112/28",
  "18.179.48.208/28",
  "18.180.159.224/27",
  "18.202.216.0/28",
  "34.218.216.144/28",
  "34.222.66.96/28",
  "34.223.51.192/27",
  "34.223.51.224/27",
  "35.158.127.224/28",
  "44.232.236.96/27",
  "44.234.90.64/28",
  "52.200.60.16/28",
  "52.213.63.176/28",
  "52.41.63.240/28",
  "52.51.63.16/28",
  "52.65.127.192/27",
  "52.66.255.192/27",
  "54.233.127.224/29",
  "54.250.250.208/28",
  "54.69.125.241/32",
  "54.89.253.64/28",
  "99.79.160.16/28",
  "99.80.88.240/28",
  "168.100.64.0/18"
 ]
}

 

Related articles