Communication
List of ports that are required for UCS to run properly.
For functional auto-provisioning, you need to set Option 66 (TFTP server name) on the DHCP server
DHCP Option 66 must be of type String/Text
Services provided by the exchange
The following services are provided by UCS. On the firewalls, permutations are therefore set up on UCS, communication is initiated by IP telephones, users, telephone operators, external parties IS, etc.
| Port | Protocol | Comm. initiation direction | Service | Uses | Purpose |
|---|---|---|---|---|---|
| 22 | tcp | * -> IP UCS | SSH | administrators | administration |
| 53 | udp | * -> IP UCS | DNS | IP phones | XML services on IP phones |
| 67 | udp | * -> IP UCS | DHCP | IP phones | IP address allocation |
| 69 | udp | * -> IP UCS | TFTP | IP phones | provisioning |
| 80 | tcp | * -> IP UCS | HTTP | administrators, operators, IP phones | redirect to HTTPS |
| 123 | udp | * -> IP UCS | NTP | IP phones | time synchronization |
| 443 | tcp | * -> IP UCS | HTTPS | administrators, operators, IP phones | management, use of telephony |
| 514 | udp | * -> IP UCS | Syslog | IP phones | logging in |
| 3478 | udp | * -> IP UCS | STUN/ICE | Web Softphones | NAT detection |
| 5060 | udp | * -> IP UCS | SIP | IP phones, PBX trunks | call joining |
| 5061 | tcp | * -> IP UCS | SIP/TLS | IP phones, PBX trunks | call joining |
| 10000-20000 | udp | * -> IP UCS | RTP | IP and SW phones, PSTN and PBX trunks | voice and video transmission |
Observability stack (internal)
The observability stack (Grafana, Loki, Tempo, Prometheus, OpenTelemetry Collector) is installed automatically with UCS — see Observability. These services listen on all interfaces but are typically used over localhost. If you ship telemetry between hosts (e.g. an agent on one node pushing to a central collector elsewhere), open the relevant OTLP ports on the firewall.
| Port | Protocol | Service | Purpose |
|---|---|---|---|
| 3030 | tcp | Grafana | Web UI under /grafana/ (direct; usually proxied through Traefik on :443) |
| 3100 | tcp | Loki | HTTP API — log ingestion and query |
| 3200 | tcp | Tempo | HTTP API — trace query |
| 4317 | tcp | otelcol-contrib | OTLP gRPC — telemetry ingestion from applications |
| 4318 | tcp | otelcol-contrib | OTLP HTTP — telemetry ingestion from applications |
| 4319 | tcp | Tempo | OTLP gRPC — trace ingestion from the collector |
| 9091 | tcp | Prometheus | HTTP API — metrics query and OTLP remote-write receiver |
External clients (web pages, mobile apps) can push telemetry over HTTPS through Traefik on port 443, at the path /otel/v1/{traces,metrics,logs} — Traefik strips the /otel prefix and forwards to the local collector.
Services used by the exchange
The following services are used by UCS. On the firewalls, permutations are therefore set up from UCS, communication is initiated by UCS towards telephones, telephone operators, to external IS, to Microsoft Active Directory, etc.
| Port | Protocol | Comm. initiation direction | Service | Target System | Purpose |
|---|---|---|---|---|---|
| 53 | udp | IP UCS -> * | DNS | DNS of the company (e.g. AD) or on the Internet | OS update |
| 80 | tcp | IP UCS -> * | HTTP | Internet | OS update |
| 123 | udp | IP UCS -> * | NTP | Company's NTP (eg AD) or on the Internet | time synchronization |
| 443 | tcp | IP UCS -> * | HTTPS | information systems, Internet | integration, OS update |
| 514 | udp | IP UCS -> * | Syslog | Log server (eg Kibana/Logstash etc.) | logging in |
| 5060 | udp | IP UCS -> * | SIP | IP phones, PBX trunks | call joining |
| 10000-20000 | udp | IP UCS -> * | RTP | IP phones, PSTN and PBX trunks | voice and video transmission |