Search

Onoff Business – Technical Network Requirements for VoIP Calls

Rev Ops
Rev Ops
  • Updated

This document describes the networks, protocols, and ports used by Onoff’s VoIP infrastructure to establish and maintain calls.
The information below is particularly relevant for customers operating within corporate network environments using firewalls or restricted network access.

VoIP Technical Overview

VoIP calls rely on two main components:

Signaling

Call signaling is handled using the SIP protocol.

For Onoff customers:

  • SIP operates over TCP 5061 and TCP 443 using TLS encryption.
  • The Web App uses WebRTC.
  • The Mobile Apps use SIP + RTP.

Onoff clients attempt to connect using:

  • TCP 5061
  • TCP 443

Media (RTP Traffic)

Audio streams (media) are transmitted using UDP ports.

When a call starts:

  • A random UDP port between 10000 and 65535 is selected.
  • The opposite media stream uses the selected port +1.

Example:

  • If port 20000 is selected, the second stream will use 20001.

To ensure proper call functionality, Onoff mobile and web clients must be able to communicate freely with our VoIP servers through these ports.

Recommended Internet Bandwidth

To guarantee stable call quality, a minimum level of internet bandwidth is required.

Recommended bandwidth per active call:

  • Minimum: 100 kbps upload and 100 kbps download
  • Recommended for optimal quality: 200 kbps upload and download per call

Important recommendations:

  • Use a stable and low-latency connection.
  • Avoid saturated Wi-Fi networks when possible.
  • For professional environments, prioritize wired Ethernet connections.

Insufficient bandwidth may cause:

  • Audio delays
  • Robotic voice effects
  • Call drops or one-way audio

Firewall Configuration

To allow Onoff VoIP traffic, network administrators should configure firewall rules with one of the following approaches.

Option 1 — Recommended (Full Access)

Allow inbound and outbound traffic to the following IP ranges:

195.201.78.147/32
151.80.169.210/32
151.80.169.192/27
51.254.11.32/27
217.182.219.96/27
178.33.11.64/28
91.134.149.64/28
51.254.247.96/28

Option 2 — Port-Based Access

If full access is not possible, ensure the following ports are allowed:

  • TCP 5061
  • TCP 443
  • UDP 10000–65535

STUN / WebRTC Requirements

Onoff uses STUN servers to resolve media addresses.

If STUN traffic is blocked, browser console errors related to ICE / TURN / STUN may appear.

Useful diagnostic pages:

  • Chrome: chrome://webrtc-internals/
  • Firefox: about:webrtc

STUN Servers Used

stun.cloudflare.com:3478
stun:stun.l.google.com:19302
stun:stun.l.google.com:5349
stun:stun1.l.google.com:3478
stun:stun1.l.google.com:5349
stun:stun2.l.google.com:19302
stun:stun2.l.google.com:5349
stun:stun3.l.google.com:3478
stun:stun3.l.google.com:5349
stun:stun4.l.google.com:19302
stun:stun4.l.google.com:5349

Quick Checklist for Network Administrators

Before reporting a VoIP issue, verify:

  • Firewall rules allow TCP 5061, TCP 443, and UDP 10000–65535
  • STUN servers are accessible
  • Internet bandwidth is sufficient for the number of simultaneous calls
  • Network latency and packet loss remain low

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.