VSee Firewall Rules (Outdated)

Note: The updated firewall rules can be found here.

For minimum functionality with VSee, the firewall should allow connections to the hosts listed below.  Note that hosts will be added to this list as demand for VSee grows.

VSee XMPP Servers

Allow connections over HTTPS (TCP/5222 is preferred, but performance impact is minimal).

  • talk.vsee.com (points to one or the hosts below)
  • xmpp01.vsee.com
  • xmpp02.vsee.com
  • xmpp03.vsee.com

VSee Relay Servers

Allow connections over UDP 6000 for best performance.  Allow connections via HTTPS or HTTP for lesser performance.

  • cl-relay.vsee.com (points to one or the hosts below)
  • usw01-rel.vsee.com
  • usw02-rel.vsee.com
  • usw03-rel.vsee.com
  • use01-rel.vsee.com
  • use02-rel.vsee.com
  • use03-rel.vsee.com
  • use04-rel.vsee.com
  • use05-rel.vsee.com
  • jp01-rel.vsee.com
  • sg01-rel.vsee.com
  • euw01-rel.vsee.com
  • euw02-rel.vsee.com

Note: if you employ VSee Messenger within US only, you may restrict media traffic to within US by opting to whitelist usw*-rel.vsee.com and use*-rel.vsee.com only

VSee STUN Servers

Allow connections over UDP 6000 or 3478 to these servers to allow VSee clients to make direct UDP connections.

  • stun01.vsee.com
  • stun02.vsee.com
  • stun-map01.vsee.com
  • stun-map02.vsee.com
  • net.vsee.com
  • net-1.vsee.com
  • net-2.vsee.com

VSee Application Servers

Allow connections to these servers over HTTP and HTTPS.  These servers perform account management functions for VSee.

  • vsee.com
  • api.vsee.com
  • client.vsee.com (for Feature Control, strictly required)
  • my.vsee.com (for Profile Management, optional)
  • assets.vsee.com (for Chat File Transfer)
  • ironmq.vsee.com (for Messenger diagnostics)
  • *.pubnub.com (for API clients only)
  • cloudfront.vsee.com (for Messenger updates)
  • vsee-activeapi.firebaseio.com (for API clients only)
  • s3.amazonaws.com (for Cloud Recording clients only, optional)

VSee Bandwidth Measurement Servers

Allow connections to this hostname over HTTP and HTTPS.  The IP addresses of the servers for this hostname can change frequently.

  • bw.vsee.com

For optimal performance: To allow for VSee clients to directly communicate with each other, inbound and outbound UDP on ports 6000 – 6254 should be allowed to all hosts.  This will further improve A/V performance and reduce load on firewalls and web proxies.

Performance Impact of Web Proxies: The VSee client can connect to all the above hosts via a Web Proxy.  However, A/V performance will be dependent on the Web Proxy’s capacity.  Some factors that might affect performance through a proxy are:

  • load on the Web Proxy
  • prioritization of persistent HTTP(S) connections through the proxy.  For best VSee performance, the Web Proxy should allow persistent HTTP(S) connections.

If at all possible, the Web Proxy should be configured to allow traffic to the VSee Relay Servers to proceed directly.

Testing VSee Connectivity

You may test your connectivity with several key resources from VSee Network Test Page. This tests your connectivity with VSee XMPP Servers, VSee Relay Servers over HTTPS only (not preferred) and VSee Application Servers.