Ports required by Alta Cloud Connectors
Last modified: Friday April 26, 2024.
Understand the incoming and outbound connections needed by Alta Cloud Connectors.
Alta Cloud Connectors can have multiple network interfaces, and different services can be enabled or disabled on each.
In addition, rules on your firewall device can be used to limit access to the system, and from the system to other systems. This could be done either for external locations, or to provide network separation within your network.
External connections
Alta Cloud Connectors make outbound connections to the following domains::
- To UDP port 443 on *.aware.avasecurity.com
- To UDP port 443 on *.alta.avigilon.com
- To TCP port 443 on *.aware.avasecurity.com
- To TCP port 443 on *.alta.avigilon.com
- To TCP port 443 on *.dmp.avasecurity.com
- To TCP port 443 on *.ava.uk
- To TCP port 443 on *.motorolasolutions.com
In addition, for Smart Path media to be directly routable, connections are required:
- From UDP ports 32768-65535 on the Cloud Connector
- To UDP port 1024-65535 on any potential IP address of a user’s machine or phone
If these connections are blocked at an external firewall, then Smart Path finds the optimal path for users within the network, but not for external users. A longer, slower path will be found for external users.
To resolve names, Alta Video may also make outbound connections to DNS as configured in the Alta Video user interface or provided over DHCP. The addresses and ports used for this depends on the configuration used.
Connections with local devices
To allow the Cloud Connector to connect to cameras, access control systems and other systems on the local network, it needs to be able to communicate with those devices. It can also provide additional network functionality such as DHCP and NTP for those devices.
Outbound TCP connections from Cloud Connectors
To connect to a device, the Cloud Connector makes outbound connections to it. The port numbers used may differ from these depending on the configuration of the device. Typically the following ports are used:
- TCP to port 443 for encrypted connections.
- TCP to port 80 for unencrypted connections.
- TCP to port 554 for RTSP
Incoming UDP connections to Cloud Connectors
The Cloud Connector can provide additional network services on one or more interfaces.
| Port | Protocol | Description | Enabled by |
|---|---|---|---|
| 69 | DHCP | DHCP server, used to provide DHCP addresses to other devices on this network. | DHCP Server |
| 32768 - 65535 | RTP | Used for media connections from cameras. | Cameras |
Outbound UDP connections from Cloud Connectors
The Cloud Connectors make Onvif discovery protocol probes to UDP port 3702.
Local connections to Cloud Connectors
Inbound TCP connections to Cloud Connectors
The Cloud Connectors also provide additional services for local access to the device, or for local streaming of video over RTSP.
| Port | Protocol | Description | Enabled by |
|---|---|---|---|
| 22 | SSH/SCP | Use for retrieval of diagnostics and debugging. Encrypted, authentication via user credentials. | SSH* |
| 80 | HTTP | Redirects to HTTPS | UI* |
| 322 | RTSPS | Used for Real-Time Streaming of video over TLS/SSL. | RTSPS** |
| 443 | HTTPS | Web interface. Encrypted, authentication via user credentials. | UI* |
| 554 | RTSP | Used for Real-Time Streaming of video. | RTSP** |
* By default, these ports are open, but can be closed from within the Alta Video user interface.
** By default, these ports are closed, but can be opened from within the Alta Video user interface to enable RTSP streaming.
Inbound UDP connections to Cloud Connectors
To aid with discovery of devices, the Cloud Connector responds to mDNS queries.
| Port | Protocol | Description | Enabled by |
|---|---|---|---|
| 5353 | mDNS | mDNS service for allowing device discovery. | ICMP (Ping) |
