Firewall and network config
This guide, for IT teams, explains how to configure your network so that people can use Attend Anywhere. After reading this guide, you’ll know the TCP and UDP ports you need to open in your firewall.
When people use Attend Anywhere from your organisation’s network, they need to access to the Attend Anywhere site and the services that it depends on. In this guide we use the following requirement levels for network access:
-
Required: Attend Anywhere doesn’t work without this network access.
-
Recommended: Improves the user experience for patients and providers.
-
Optional: Performance and quality monitoring which help us fix problems.
Firewall ports
Attend Anywhere uses WebRTC (Web real-time communication) and HTTPS to transfer video-call data between devices. Check that your firewall opens the destination ports shown in the following tables.
Individual appointments
Allow the following destination ports on your firewall:
Requirement |
Destinations |
Ports |
Usage |
---|---|---|---|
Required |
52.49.123.201 |
UDP/3478 |
High-quality video and audio data for calls use port 3478. Lower-bandwidth versions of the data use port 443. |
Required |
99.77.128.0/18 |
UDP/3478 |
Video and audio data for next-generation calls. |
Group consultations
Allow the following destination ports on your firewall:
Requirement |
Destinations |
Ports |
Usage |
---|---|---|---|
Required |
140.238.95.196 |
UDP/443 |
WebRTC’s relay (TURN) servers which help route video and audio data. |
Required |
3.9.41.96/27 |
UDP/10000 |
Video data for calls. |
Web access
If your organisation uses a web filter or your firewall blocks HTTPS connections (TCP port 443) by default, you need to allow access to the sites shown in the following tables.
Calls and management console
Tip. If you don't want to include wildcard domains (the * symbol) for Amazon Web Services (AWS) in your firewall, use the AWS IP address ranges. Find IP addresses for the CHIME_MEETINGS
, CLOUDFRONT
or S3
services in the eu-west-2
region. To help keep your config up to date, we recommend subscribing to AWS change notifications.
Allow access to the following sites:
Requirement |
Site |
Usage |
---|---|---|
Required |
https://<your-aa-site> |
Your Attend Anywhere site. For example, nhs.attendanywhere.com or england.nhs.attendanywhere.com. |
Required |
https://chime.aws |
Video and audio data for next-generation calls. |
Required |
https://*.chime.aws |
Video and audio data for next-generation calls. |
Required |
https://*.sdkassets.chime.aws |
Services supporting next-generation calls. |
Group consultations
Allow access to the following sites:
Requirement |
Site |
Usage |
---|---|---|
Required |
https://london.8x8.vc |
London endpoint for group-consultation calls. |
Required |
https://8x8.vc |
User-interface and browser performance statistics for service improvements. |
Required |
https://api-vo.jitsi.net |
Group consultation APIs. |
Required |
https://rtcstats-server-8x8.jitsi.net |
Analytics services. |
Required |
https://web-cdn.jitsi.net |
Static resources for calls. |
Realtime status
Allow access to the following sites:
Requirement |
Site |
Usage |
---|---|---|
Required |
https://cdn.pubnub.com |
JavaScript libraries for realtime status. |
Recommended |
https://*.pndsn.com |
PubSub notification messages for call status updates. |
Design and type
Allow access to the following sites:
Requirement |
Site |
Usage |
---|---|---|
Recommended |
https://*.googleapis.com |
Stylesheet API for Google Fonts. |
Recommended |
https://*.gstatic.com |
Web-font files from Google Fonts. |
Recommended |
https://media-prod-*-eu-west-2.s3.eu-west-2.amazonaws.com |
Display of images embedded in the pages. |
Feedback and monitoring
Allow access to the following sites:
Requirement |
Site |
Usage |
---|---|---|
Optional |
https://*.nr-data.net |
User-interface and browser performance monitoring. |
Optional |
https://js-agent.newrelic.com |
Application-performance monitoring for service improvement. |
Troubleshooting
Because our network config does change, we recommend comparing your firewall settings with this guide at regular intervals. We do expect these settings to change throughout 2024.
Guide updated: Wednesday, 1 May 2024