This guide describes the network ports and configuration requirements for a Alleo application connecting to the primary Alleo Cloud endpoint (*.withalleo.com).
Assumptions and Prerequisites
-
Customer’s network environment must support HTTPS web traffic via port 443.
-
No inbound firewall rules are required. All network communication originates from the Alleo web application.
-
Communications to the Alleo cloud targeting port 80 are immediately redirected and enforce secure HTTPS via port 443.
Network Port Requirements
Alleo leverages a modern web client-server software architecture. The IP-based communication between Alleo web app and the Alleo Cloud leverages a RESTful API. This API enforces strict HTTPS to ensure that all traffic is encrypted.
Below is a chart of the Alleo application network communication. In each case, the source is the end user client application.
Port | Protocol | Destination | Direction | Network Interface | Description |
443 |
HTTPS/WSS |
api.withalleo.com |
Bidirectional |
Internet |
Client server API through which all authentication, collaboration, and file transfer occurs |
443 |
HTTPS |
meet.withalleo.com |
Unidirectional |
Internet |
Access to Alleo application |
443 |
HTTPS |
admin.withalleo.com |
Unidirectional |
Internet |
Access to Alleo Admin Portal for user and device administration |
443 |
HTTPS |
widgets.withalleo.com |
Unidirectional |
Internet |
This is required if external widgets are used |
443 |
HTTPS |
display.withalleo.com |
Unidirectional |
Internet |
Access to Alleo Rooms Client (web version) |
443 |
HTTPS |
dc.services.visualstudio.com |
Unidirectional |
Internet |
Optional for Azure logging (using Insights) |
443 |
HTTPS |
support.withalleo.com |
Unidirectional |
Internet |
Alleo Support Portal |
443 |
HTTPS |
help.withalleo.com |
Unidirectional |
Internet |
Alleo Help Center |
443 |
HTTPS/WSS/TCP |
*.tokbox.com *.opentok.com |
Bidirectional |
Internet |
Live audio / live video / screenshare |
3478 |
UDP |
*.tokbox.com *.opentok.com |
Bidirectional |
Internet |
Recommended for better WebRtc experience |
1025 - 65535 |
UDP |
*.tokbox.com *.opentok.com |
Bidirectional |
Internet |
Recommended for best possible WebRtc experience |
Dynamic IP Addresses
Alleo services are dynamically assigned IP addresses which are perpetually subject to change within Microsoft Azure. Customer firewall rules should specify the fully qualified domain name (FQDN) to mitigate the risk of required traffic being blocked as a result of an assigned IP address changing.
Alleo Rooms Application Requirements
-
Security firewalls and other related software can interfere with Alleo connections. If you are experiencing difficulties, try whitelisting the Alleo Rooms application within your security software.
Comments
0 comments
Please sign in to leave a comment.