Network Configuration Checklist
- Use DHCP to assign LAN-side IP addresses; if you prefer to assign your devices a static LAN-side IP, we recommend using DHCP reservation for managing static IP assignments. Statically assigned and managed IPs invariably cause conflicts that are hard to diagnose and troubleshoot. IPFINITY does not require your voice endpoints to have static IP addresses.
- If you have multiple voice endpoints such as phones, PBX, ATAs, etc., they should be located behind a NAT device (typically a router) in order to share your public IP. However you must not have a double-NAT (i.e. two or more NAT devices in a cascade). If you can, expand the NAT table to the maximum allowed size on the NAT device.
- The NAT timeout must be set to a minimum of 5 minutes (300 seconds).
- The Firewall or router must not block any of the following ports or protocols from your voice endpoints or IPFINITY's gateways: SIP, RTP, HTTP and NTP. DNS resolution must be available to the endpoints either publicly or through a private DNS server.
- SIPALG (aka SIP ALG) must be disabled (if this option exists in your router).
- DHCP Option 66, if it exists in your DHCP server, must be disabled.
- NTP access to time.apple.com and time.ipfinity.com must be allowed.
- DNS lookup to any *.ipfinity.com, fm.grandstream.com, and time.apple.com should be allowed.
TCP and UDP traffic to/from any of the following IPFINITY gateways MUST NOT BE BLOCKED:
- f1.ipfinity.com (188.8.131.52)
- fc3.ipfinity.com (184.108.40.206)
- fc4.ipfinity.com (220.127.116.11)
- fe3.ipfinity.com (18.104.22.168)
- fe4.ipfinity.com (22.214.171.124)
- fe5.ipfinity.com (126.96.36.199)
- fe6.ipfinity.com (188.8.131.52)
- b1.ipfinity.com (184.108.40.206)
- b2.ipfinity.com (220.127.116.11)
- b3.ipfinity.com (18.104.22.168)
- b4.ipfinity.com (22.214.171.124)
- b5.ipfinity.com (126.96.36.199)
- b6.ipfinity.com (188.8.131.52)
- a3.ipfinity.com (184.108.40.206)
- getafix.ipfinity.com (220.127.116.11)
SIP and media (RTP) access to and from the IPFINITY gateways must be given the highest priority if a Nightingale solution is not installed onsite.
HTTP and HTTPS access to fm.grandstream.com must be allowed.
For information on testing your network, click here: https://ipfinity.zendesk.com/entries/24891881-How-to-analyze-test-your-Internet-connection