1. Symphony Help Center
  2. Admin Resources
  3. Cloud9 Admin & Troubleshooting

Cloud9 network requirements

Cloud9 supports voice transmission over UDP or TCP protocol. To ensure you can communicate with external parties using Cloud9, please make sure your network is configured to support one of these protocols.

We recommend using UDP for voice traffic; however, if you do not allow external UDP traffic, please use TCP via web proxy using the instructions below.

 

UDP media transport

If you elect to utilize UDP for your SRTP media transport, then the following ports must be made available:

UDP port 3478 for STUN

UDP 16384 to 65535 for SRTP

If outbound UDP is blocked by default, then outbound UDP to the following addresses must be allowed to have Cloud9 provide the TURN media rendezvous/relay services. More of these servers will be added over time, thus it is important that all IP’s below are whitelisted for Cloud9 to provide media relay services globally for all customers.

 

IPs

Virginia: 54.174.51.240/28

Singapore: 52.77.127.240/28

Frankfurt: 52.58.127.240/28

Frankfurt: 52.28.21.193/32

Sydney: 3.27.175.208/29

UAE: 51.112.208.203/32, 51.112.151.255/32

 

Web proxy configuration - TCP port 443 traffic – signaling and media

The Cloud9 domain for all services are *.xhoot.com, *.prod1.xhoot.com, *.<rgn>.prod1.xhoot.com, where <rgn> is use1, euc1, apse1, apse2. Cloud9 uses subdomains of xhoot.com for all its services. Some web proxies may block this domain citing it as an inappropriate domain; however, most web classification services should recognize this domain as ‘Business/Economy’. You may require whitelisting of this domain via your web proxy if your firm is more restrictive by default.

The general guidance is to whitelist *.xhoot.com, *.prod1.xhoot.com. Note that ZScaler proxies do not support the ‘*’ so for ZScaler proxies add .xhoot.com or .prod1.xhoot.com.

Customers often ask which subdomains to whitelist instead of whitelisting all of the xhoot.com domain as mentioned above. Cloud9 may change the subdomains it uses at any time; therefore, whitelisting subdomains is not recommended. If the customer security solution doesn’t allow wildcard whitelisting as mentioned above, then the following hostnames should be whitelisted with the caveat that this could change without warning:

 

APIs

ctiapi.prod1.xhoot.com

calldataapi.xhoot.com

managementapi.xhoot.com

c9auditapi.xhoot.com

c9apiproxy.xhoot.com

ctiapitrader.prod1.xhoot.com

 

Login/logs/user settings

c9rest.xhoot.com

 

Cloud9 Admin Portal (user admin portal)

c9portal.xhoot.com

 

Recording upload

jrec.prod1.xhoot.com

jrec-jjj.prod1.xhoot.com

 

Signaling

c9so-eip.xhoot.com

c9so-apse1.xhoot.com

c9so-apse2.xhoot.com

c9so-euc1.xhoot.com

c9so-use1.xhoot.com

so.use1.prod1.xhoot.com

so.euc1.prod1.xhoot.com

so.apse1.prod1.xhoot.com

so.apse2.prod1.xhoot.com


Media servers

stun1.use1.prod1.xhoot.com

stun2.use1.prod1.xhoot.com

stun6.use1.prod1.xhoot.com

stun10.use1.prod1.xhoot.com

stun11.use1.prod1.xhoot.com

stun12.use1.prod1.xhoot.com

stun1.euc1.prod1.xhoot.com

stun3.euc1.prod1.xhoot.com

stun6.euc1.prod1.xhoot.com

stun8.euc1.prod1.xhoot.com

stun9.euc1.prod1.xhoot.com

stun10.euc1.prod1.xhoot.com

stun1.apse1.prod1.xhoot.com

stun2.apse1.prod1.xhoot.com

stun5.apse1.prod1.xhoot.com

stun1.apse2.prod1.xhoot.com

stun2.apse2.prod1.xhoot.com

 

Signaling support

Cloud9 uses WebSockets for signaling by implementing the socket.io (http://socket.io/) HTTP Web Sockets implementation. Please note that some older web proxies are not capable of supporting the HTTP UPGRADE method required for Websocket creation. This will block Cloud9 client’s ability to log in to the service.

 

Media (TCP SRTP) support

If you are capable of logging in to the service via your web proxy, then you will also be capable of sending your SRTP media via the web proxy without any additional configuration required on your network. However, within the Cloud9 Admin Portal, there is a setting known as “Voice via Web Proxy” that needs to be activated for each user.

 

Enabling Web Proxy in the Cloud9 application

When electing to transport media traffic over TCP, you will need enable the 'Automatically detect settings' option under Proxy Settings found in Settings on the Cloud9 login screen.

  1. Launch Cloud9.
  2. Click the Settings icon in the bottom right corner.

  1. Click Automatically detect settings under 'Proxy Settings' and then click OK.

Based on your organization's settings, some features in this Knowledge Article may not be applicable to you. Please contact your Technical Account Manager (TAM), Symphony Support, or your internal IT team with any questions.

Articles in this section See more