Yate Web Interface

Return to site

Yate Web Interface

Yate Web Interface Software
Yate Web Interface Tutorial
Skip to end of metadataGo to start of metadataThe table below outlines all the ports used on your PBX that you need to open on your hardware firewall if you want outside users to have access to things. These are default port assignments for new installs, but most can be changed by the user post install. Legacy versions may have used different default port numbers (notably http provisioning) and the original port numbers remain unaffected when the system is upgraded. Imvu official download.

Yate client(Qt) - launch the Yate client; Yate Cosole - launch the Yate server Yate Web Site Installing Yate from SVN Requirements. TortoiseSVN; at least Visual Studio 2005 Compiling Yate on Windows. To compile please build the 'YATE' project - it will build the library and all modules without external dependencies. Before using the interface, the WebGUI must be given write right to Yate's configuration directory. The command that has to be run as root is: chmod a+rw /etc/yate (If yatebts is installed from package.) or chmod a+rw /usr/local/etc/yate/ (If yatebts is installed from sources.). A gateway for engines with a J1708 serial interface to a NMEA 2000 marine digital network. It supports three protocols that work over J1708: the standard J1587 used by many manufacturers, the proprietary Cummins KCM-II and the proprietary Volvo Penta protocol used in engines with EDC I.

→ For a list of IPs your PBX will need to communicate with, please see Allowed IPs for PBXact Upgrade. 
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
22TCPSSH ConsoleThis can only be changed inside from inside Linux CLI and not recommended to be changed.Not recommended to open this up to untrusted networks.Port used to allow SSH to the PBX from the outside world.
80 FreePBX
Colorsnapper2 v 1 1 3 download free. 2001 PBXact
TCPPBX GUI HTTP (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks.Used to access the PBX Admin GUI
443
TCPPBX GUI HTTPSCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks.Used to access the PBX Admin GUI with SSL encryption
1194TCP/UDPOpenVPN serverChange not supportedCan open to untrusted hostsUsed to connect OpenVPN clients to PBX VPN Server.
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
5060UDPchan_PJSIP SignalingCan change this port inside the PBX Admin GUI SIP Settings module.Not recommended to open this up to untrusted networks.Standard Port used for chan_PJSIP Signalling.
5061chan_PJSIP
Secure Signaling
Can change this port inside the PBX Admin GUI SIP Settings module.Not recommended to open this up to untrusted networks.Secure Port used for chan_PJSIP Signalling.
5160UDPchan_SIP SignalingCan change this port inside the PBX Admin GUI SIP Settings module.Not recommended to open this up to untrusted networks.Standard Port used for chan_SIP Signalling.
5161chan_SIP
Secure SignalingCan change this port inside the PBX Admin GUI SIP Settings module.Not recommended to open this up to untrusted networks.Secure Port used for chan_SIP Signalling.
10000-20000UDPRTP for SIPCan change this port inside the PBX Admin GUI SIP Settings module.Safe to open to the outside world and is required by most SIP Carriers as your RTP traffic can come from anywhere.Used for the actual voice portion of a SIP Call.
4569UDPIAXCan change this port inside the PBX Admin GUI IAX Settings module.Not recommended to open this up to untrusted networks.Used for IAX protocol and trunking
4000-4999UDPFAX UDPTLNot configurable in the GUI, on by editing custom conf file.
Used for T38 fax media

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
22	TCP	SSH Console	This can only be changed inside from inside Linux CLI and not recommended to be changed.	Not recommended to open this up to untrusted networks.	Port used to allow SSH to the PBX from the outside world.
80 FreePBX Colorsnapper2 v 1 1 3 download free. 2001 PBXact	TCP	PBX GUI HTTP (Non HTTPS)	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Not recommended to open this up to untrusted networks.	Used to access the PBX Admin GUI
443	TCP	PBX GUI HTTPS	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Not recommended to open this up to untrusted networks.	Used to access the PBX Admin GUI with SSL encryption
1194	TCP/UDP	OpenVPN server	Change not supported	Can open to untrusted hosts	Used to connect OpenVPN clients to PBX VPN Server.

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
5060	UDP	chan_PJSIP Signaling	Can change this port inside the PBX Admin GUI SIP Settings module.	Not recommended to open this up to untrusted networks.	Standard Port used for chan_PJSIP Signalling.
5061	chan_PJSIP Secure Signaling	Can change this port inside the PBX Admin GUI SIP Settings module.	Not recommended to open this up to untrusted networks.	Secure Port used for chan_PJSIP Signalling.
5160	UDP	chan_SIP Signaling	Can change this port inside the PBX Admin GUI SIP Settings module.	Not recommended to open this up to untrusted networks.	Standard Port used for chan_SIP Signalling.
5161	chan_SIP Secure Signaling	Can change this port inside the PBX Admin GUI SIP Settings module.	Not recommended to open this up to untrusted networks.	Secure Port used for chan_SIP Signalling.
10000-20000	UDP	RTP for SIP	Can change this port inside the PBX Admin GUI SIP Settings module.	Safe to open to the outside world and is required by most SIP Carriers as your RTP traffic can come from anywhere.	Used for the actual voice portion of a SIP Call.
4569	UDP	IAX	Can change this port inside the PBX Admin GUI IAX Settings module.	Not recommended to open this up to untrusted networks.	Used for IAX protocol and trunking
4000-4999	UDP	FAX UDPTL	Not configurable in the GUI, on by editing custom conf file.		Used for T38 fax media

PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
81
TCPPBX User Control Panel (UCP) HTTP (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS version of PBX User Control Panel instead for remote users.Port used to access the GUI portion of UCP
4443
TCPPBX User Control Panel (UCP) HTTPSCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted and requires username and password authentication.Port used to access the GUI portion of UCP with SSL encryption
8088TCPWebRTC Unencrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind PortNot recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS versionUsed for the WebRTC portion of UCP
8089TCPWebRTC Encrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind PortSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for the WebRTC portion of UCP
8001TCPNode ServerCan change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS Bind PortNot recommended to open this up to untrusted networks as the traffic is not encrypted. Used by UCP with HTTP for Conf Rooms and Chatting and other products in UCP
8003TCPNode Server (secure)Can change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS HTTPS Bind PortSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used by UCP with HTTPS for Conf Rooms and Chatting and other products in UCP
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
84
TCPHTTP Provisioning for Phones (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS Phone Provisioning option of instead for remote users.Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol.  Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning. In the past, http provisioning defaulted to port 83. When upgrading older systems, the port assignments to not change from their original settings.
1443
TCPHTTPS Provisioning for PhonesCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted as long as your enable username and password authentication as outlined in the Notes section.Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol.  Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
21TCPFTP Provisioning for PhonesThis can only be changed inside from inside Linux CLI and not recommended to be changed.Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly. Recommend using HTTPS provisioning for remote phones instead.Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
69UDPTFTP Provisioning for PhonesThis can only be changed inside from inside Linux CLI and not recommended to be changed.Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly.Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
82 The gift of life movie trailer.
TCPPhone Apps HTTP (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using Phone Apps HTTPS option of instead for remote users.Port used for phone apps to communicate with the PBX as HTTP not HTTPS traffic. Inside EPM you pick if the phone apps use HTTP or HTTPS.
3443
TCPPhone Apps HTTPSCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted.Port used for phone apps to communicate with the PBX using SSL encryption. Inside EPM you pick if the phone apps use HTTP or HTTPS.
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
8002
TCPZulu 3 Client Communication with PBXCan change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind AddressSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for signalling
10000-20000UDPMedia - RTPThe port can be changed by going to Settings → Asterisk SIP Settings → General SIP Settings Tab. Note: Zulu uses the same rtp port configuration as SIP.Safe to open this up to untrusted networks, as your RTP traffic can come from anywhere your Zulu users are connecting from.Used for handling media during a call

PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
8002
TCPZulu 2 Client Communication with PBXCan change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind AddressSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Zulu 2.0 requires this and the ports below to be opened. NOTE: You may require the 'RTP for SIP' port range to be open as well, for call audio.
8088TCPZulu 2.0 Unencrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind PortIf using Zulu 3.0 this port should not be open. Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS versionUsed for the softphone portion of Zulu
8089TCPZulu 2.0 Encrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind Port If using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for the softphone portion of Zulu
5000TCPZulu 2.0 ChatAt this time can not change the portIf using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for chat portion of Zulu
Yate Web Interface Software

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
81	TCP	PBX User Control Panel (UCP) HTTP (Non HTTPS)	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS version of PBX User Control Panel instead for remote users.	Port used to access the GUI portion of UCP
4443	TCP	PBX User Control Panel (UCP) HTTPS	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Safe to open this up to untrusted networks as the traffic is encrypted and requires username and password authentication.	Port used to access the GUI portion of UCP with SSL encryption
8088	TCP	WebRTC Unencrypted Softphone Client	Can change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind Port	Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS version	Used for the WebRTC portion of UCP
8089	TCP	WebRTC Encrypted Softphone Client	Can change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind Port	Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Used for the WebRTC portion of UCP
8001	TCP	Node Server	Can change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS Bind Port	Not recommended to open this up to untrusted networks as the traffic is not encrypted.	Used by UCP with HTTP for Conf Rooms and Chatting and other products in UCP
8003	TCP	Node Server (secure)	Can change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS HTTPS Bind Port	Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Used by UCP with HTTPS for Conf Rooms and Chatting and other products in UCP

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
84	TCP	HTTP Provisioning for Phones (Non HTTPS)	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS Phone Provisioning option of instead for remote users.	Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning. In the past, http provisioning defaulted to port 83. When upgrading older systems, the port assignments to not change from their original settings.
1443	TCP	HTTPS Provisioning for Phones	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Safe to open this up to untrusted networks as the traffic is encrypted as long as your enable username and password authentication as outlined in the Notes section.	Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
21	TCP	FTP Provisioning for Phones	This can only be changed inside from inside Linux CLI and not recommended to be changed.	Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly. Recommend using HTTPS provisioning for remote phones instead.	Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
69	UDP	TFTP Provisioning for Phones	This can only be changed inside from inside Linux CLI and not recommended to be changed.	Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly.	Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
82 The gift of life movie trailer.	TCP	Phone Apps HTTP (Non HTTPS)	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using Phone Apps HTTPS option of instead for remote users.	Port used for phone apps to communicate with the PBX as HTTP not HTTPS traffic. Inside EPM you pick if the phone apps use HTTP or HTTPS.
3443	TCP	Phone Apps HTTPS	Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.	Safe to open this up to untrusted networks as the traffic is encrypted.	Port used for phone apps to communicate with the PBX using SSL encryption. Inside EPM you pick if the phone apps use HTTP or HTTPS.

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
8002	TCP	Zulu 3 Client Communication with PBX	Can change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind Address	Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Used for signalling
10000-20000	UDP	Media - RTP	The port can be changed by going to Settings → Asterisk SIP Settings → General SIP Settings Tab. Note: Zulu uses the same rtp port configuration as SIP.	Safe to open this up to untrusted networks, as your RTP traffic can come from anywhere your Zulu users are connecting from.	Used for handling media during a call

PORT	TCP/UDP	PURPOSE	CHANGING PORT	SECURITY	NOTES
8002	TCP	Zulu 2 Client Communication with PBX	Can change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind Address	Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Zulu 2.0 requires this and the ports below to be opened. NOTE: You may require the 'RTP for SIP' port range to be open as well, for call audio.
8088	TCP	Zulu 2.0 Unencrypted Softphone Client	Can change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind Port	If using Zulu 3.0 this port should not be open. Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS version	Used for the softphone portion of Zulu
8089	TCP	Zulu 2.0 Encrypted Softphone Client	Can change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind Port	If using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Used for the softphone portion of Zulu
5000	TCP	Zulu 2.0 Chat	At this time can not change the port	If using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.	Used for chat portion of Zulu

PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
81
TCPPBX User Control Panel (UCP) HTTP (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS version of PBX User Control Panel instead for remote users.Port used to access the GUI portion of UCP
4443
TCPPBX User Control Panel (UCP) HTTPSCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted and requires username and password authentication.Port used to access the GUI portion of UCP with SSL encryption
8088TCPWebRTC Unencrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind PortNot recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS versionUsed for the WebRTC portion of UCP
8089TCPWebRTC Encrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind PortSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for the WebRTC portion of UCP
8001TCPNode ServerCan change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS Bind PortNot recommended to open this up to untrusted networks as the traffic is not encrypted. Used by UCP with HTTP for Conf Rooms and Chatting and other products in UCP
8003TCPNode Server (secure)Can change this port inside the PBX Admin GUI > Advanced Settings > UCP NodeJS Server > NodeJS HTTPS Bind PortSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used by UCP with HTTPS for Conf Rooms and Chatting and other products in UCP
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
84
TCPHTTP Provisioning for Phones (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS Phone Provisioning option of instead for remote users.Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol.  Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning. In the past, http provisioning defaulted to port 83. When upgrading older systems, the port assignments to not change from their original settings.
1443
TCPHTTPS Provisioning for PhonesCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted as long as your enable username and password authentication as outlined in the Notes section.Make sure if opening up outside access to enable username and password authentication for HTTP provisioning from the PBX Admin GUI System Admin > Provisioning Protocol.  Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
21TCPFTP Provisioning for PhonesThis can only be changed inside from inside Linux CLI and not recommended to be changed.Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly. Recommend using HTTPS provisioning for remote phones instead.Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
69UDPTFTP Provisioning for PhonesThis can only be changed inside from inside Linux CLI and not recommended to be changed.Not recommended to open this up to untrusted networks as it has no ability encrypt traffic and is not NAT Friendly.Used if your are having phones inside EPM use TFTP for provisioning. Inside EPM you define per template if the phones use TFTP, FTP, HTTP or HTTPS provisioning.
82 The gift of life movie trailer.
TCPPhone Apps HTTP (Non HTTPS)Can change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using Phone Apps HTTPS option of instead for remote users.Port used for phone apps to communicate with the PBX as HTTP not HTTPS traffic. Inside EPM you pick if the phone apps use HTTP or HTTPS.
3443
TCPPhone Apps HTTPSCan change this port inside the PBX Admin GUI > System Admin Module > Port Management section.Safe to open this up to untrusted networks as the traffic is encrypted.Port used for phone apps to communicate with the PBX using SSL encryption. Inside EPM you pick if the phone apps use HTTP or HTTPS.
PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
8002
TCPZulu 3 Client Communication with PBXCan change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind AddressSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for signalling
10000-20000UDPMedia - RTPThe port can be changed by going to Settings → Asterisk SIP Settings → General SIP Settings Tab. Note: Zulu uses the same rtp port configuration as SIP.Safe to open this up to untrusted networks, as your RTP traffic can come from anywhere your Zulu users are connecting from.Used for handling media during a call

PORTTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
8002
TCPZulu 2 Client Communication with PBXCan change this port inside the PBX Admin GUI > Advanced Settings > Zulu Section > Zulu Bind AddressSafe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Zulu 2.0 requires this and the ports below to be opened. NOTE: You may require the 'RTP for SIP' port range to be open as well, for call audio.
8088TCPZulu 2.0 Unencrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTP Bind PortIf using Zulu 3.0 this port should not be open. Not recommended to open this up to untrusted networks as the traffic is not encrypted. Recommend using HTTPS versionUsed for the softphone portion of Zulu
8089TCPZulu 2.0 Encrypted Softphone ClientCan change this port inside the PBX Admin GUI > Advanced Settings > Asterisk Builtin mini-HTTP section > HTTPS Bind Port If using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for the softphone portion of Zulu
5000TCPZulu 2.0 ChatAt this time can not change the portIf using Zulu 3.0 this port should not be open. Safe to open this up to untrusted networks as the traffic is encrypted with SSL and requires username and password authentication.Used for chat portion of Zulu
Yate Web Interface SoftwareYate Web Interface TutorialPORTSTCP/UDPPURPOSECHANGING PORTSECURITYNOTES
443
5071
4505 4506
TCP 
Outbound Checks
Metrics
RPC N/ARMS only uses these ports for outbound connections. 
Thus, no INBOUND firewall rule changes are necessary. 
If the firewall is configured to block outbound ports/connections, then these ports need to be added to the allowed outbound port list. 