VSee Firewall Rules (Updated 19 June 2019)

Overview

VSee Messenger will attempt to navigate network architecture to its best ability. However, in order to guarantee the best results, please add the following rules to your corporate firewall / router systems.

Please note VSee is generally not able to provide the fixed IP addresses for these servers because they may be switched without prior notification. However, other than the bandwidth server, most IPs are relatively stationary.

Simplified Rules

If *.vsee.com can be whitelisted, please add them into your firewall rules with the following ports:

PurposeProtocol: PortDetail Servers
VSee Directory, Relay, Call management, Diagnostics etcUDP (STUN): 3478, 6000
UDP: 6000, 1853
UDP: 10000-20000
TCP (XMPP) 5222
TCP: 3478
HTTPS – TLS 1.2: 443
TLS: 443
  • *.vsee.com
Call presence and reportingHTTPS: 443
  • *.pubnub.com
  • vsee-activeapi.firebaseio.com
Cloud recording serviceHTTPS – TLS: 443
  • s3.amazonaws.com
Measure bandwidth for video quality adjustmentHTTP(S): 80, 443
  • bw.vsee.com

 Network Security Diagram
VSee Network Security Diagram v2.0Detailed Rules (US Customers)

If *.vsee.com cannot be whitelisted, the following subdomains and ports are required. Please note the servers listed below are for calls within the United States only.

PurposeProtocol: PortDetail Servers
VSee Directory
Login and address book services.
TCP (XMPP): 5222
HTTPS – TLS 1.2: 443
  • talk.vsee.com
  • xmpp01.vsee.com
  • xmpp02.vsee.com
  • xmpp03.vsee.com
US Relays
Relay packets in case no peer-to-peer connection can be established.
UDP: 6000, 1853
HTTP:80HTTPS: 443
  • cl-relay.vsee.com
  • usw01-rel.vsee.com
  • usw02-rel.vsee.com
  • usw03-rel.vsee.com
  • use01-rel.vsee.com
  • use02-rel.vsee.com
  • use03-rel.vsee.com
  • use04-rel.vsee.com
  • use05-rel.vsee.com
Discover network route for peer-to-peer UDPUDP (STUN): 3478, 6000
  • stun01.vsee.com
  • stun02.vsee.com
  • stun-map01.vsee.com
  • stun-map02.vsee.com
  • net.vsee.com
  • net-1.vsee.com
  • net-2.vsee.com
US TURN ServersUDP: 3478
TCP: 3478
TLS: 443
  • cl-coturn.vsee.com
  • cl-coturn-use01.vsee.com
  • cl-coturn-use02.vsee.com
  • cl-coturn-use03.vsee.com
  • cl-coturn-usw01.vsee.com
  • cl-coturn-usw02.vsee.com
Video BridgeTCP: 443, 4443
UDP: 10000-20000
  • jvb01-nvir.vsee.com
  • jvb02-nvir.vsee.com
Call managementHTTPS – TLS 1.2: 443
  • api.vsee.com
  • client.vsee.com
Chat file transferHTTPS – TLS 1.2: 443
  • assets.vsee.com
Call presence and reportingHTTPS: 443
  • *.pubnub.com
  • vsee-activeapi.firebaseio.com
Messenger diagnosticsHTTPS – TLS 1.2: 443
  • ironmq.vsee.com
Messenger update serviceHTTPS – TLS 1.2: 443
  • cloudfront.vsee.com
Cloud recording (optional depends on contract)HTTPS – TLS: 443
  • s3.amazonaws.com
Bandwidth Test
Measure bandwidth for video quality adjustment
HTTP: 80
HTTPS: 443
  • bw.vsee.com
Profile management (optional)HTTPS – TLS 1.2: 443
  • vsee.com
  • my.vsee.com

Performance Impact of Web Proxies: The VSee client can connect to all the above hosts via a Web Proxy.  However, A/V performance will be dependent on the Web Proxy’s capacity.  Some factors that might affect performance through a proxy are:

  • Load on the Web Proxy
  • Prioritization of persistent HTTP(S) connections through the proxy.  

For optimal performance: To allow for VSee clients to directly communicate with each other, inbound and outbound UDP on ports 6000 – 6254 should be allowed to all hosts.  This will further improve A/V performance and reduce load on firewalls and web proxies.

For best VSee performance, the Web Proxy should allow persistent HTTP(S) connections.

If at all possible, the Web Proxy should be configured to allow traffic to the VSee Relay Servers to proceed directly.

Detailed Rules (International Customers)

For international customers, please apply all rules in the US Customers section as well as the following:

PurposeProtocolDetail Servers
International RelaysUDP: 6000, 1853
HTTP:80
HTTPS: 443
  • jp01-rel.vsee.com
  • sg01-rel.vsee.com
  • euw01-rel.vsee.com
  • euw02-rel.vsee.com
International TURN serversUDP: 3478
TCP: 3478
TLS: 443
  • cl-coturn-euw01.vsee.com
  • cl-coturn-sg01.vsee.com
  • cl-coturn-sg02.vsee.com

Testing VSee Connectivity

  • You can use the following page to test for basic VSee connectivity: VSee Network Test Page
  • If any of the test above result in failure, you need to resolve it first.
  • All tests pass might not mean you will have a successful call. It is important to ensure that the firewall rules are to follow.

Previous VSee Firewall rules can be found here.

Subscribe!