Let's Get Started
The admin panel
LGD features
FAQ's
PRICING & PACKAGING
✳
Whitelisting (VP)
This article describes what can be whitelisted to guarantee a good connection with LetsGetDigital.
DNS Whitelisting
If possible it's best to whitelist based on domain names. The following domains should have access:
*.letsgetdigital.io
*.daily.co
turn.aquila-eu.wbcnf.net
turn.aquila-eu.wbcnf.net is a specific server for Samba used in case certain ports are blocked.
Samba explanation
The server tries to proxy media traffic over UDP or TCP on ports 80 or 443. If media traffic cannot be carried over the direct connection to those UDP ranges on the mediaserver - the front end tries each port / protocol to see if it can carry media traffic that way.
TURN is only used as a last resort, so it either allows the mediaserver UDP range OR allows UDP/443 (preferred) to the TURN server.
For more information see (select the 'Ports' tab):
Technical specifications | Samba Live
Testing the TURN server
You can test in Windows by playing with the in built firewall.
- Create a rule - Block UDP out - ports : 1000-65535 ( don't enable it )
- Join a session and broadcast
- Enable the rule - note your audio and video freezes
- Refresh browser - note your audio and video works again
If you really want to prove TURN is being used to carry traffic, you can also inspect chrome://webrtc-internals/
Select the legacy API to get the stats from there, and find 'Conn-0-1-0) googCandicatePair'
The find 'googleLocalCandidateType'
With the UDP outgoing ports blocked, this changes to relay meaning the TURN server is proxying the media traffic. Without these ports blocked - you will likely see stun or prflx candidate show there.
Used ports
Port
Usage
443
Default SSL connection
3478
For signalling and media tunnelling, where necessary
40000 - 65534
For direct peer-to-peer media connections
Daily.co explanation
Daily uses a variety of domains, IP addresses, ports, and protocols to connect calls. If you're trying to make calls to and from a network behind a corporate firewall, or through a VPN, you'll need to make sure you can access the following domains:
*.daily.coif possible. If not, you'll need to be able to reach these domains in addition to your account'ssubdomain.daily.co:[b.daily.co](<http://b.daily.co>)and[c.daily.co](<http://c.daily.co>)for javascript, images, sounds, and fonts[gs.daily.co](<http://gs.daily.co>)for room status updates
*.wss.daily.cofor SFU media connections. The first hostname will usually resemble an AWS IP, such asip-172-31-10-133-ec2.wss.daily.co.prod-ks.pluot.blue(a Daily-owned server used for ICE negotiation)*.twilio.com(STUN server/TURN relay for coordinating peer-to-peer calls)*.xirsys.com(STUN server/TURN relay for coordinating peer-to-peer calls)
Additionally, you'll want to make sure you can access
*.daily.co on port 443, as it's used for a variety of fallback connection types.For more information see:
Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.
Notion
IP Whitelisting
Let's Get Digital can possibly use the following IP's.
Note: This list contains a very large set of IP addresses. We have a big range of IP addresses because all the services are behind a DDOS-protection layer. Publishing or sharing the IP-addresses
Cloudflare
IPv4
173.245.48.0/20
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
141.101.64.0/18
108.162.192.0/18
190.93.240.0/20
188.114.96.0/20
197.234.240.0/22
198.41.128.0/17
162.158.0.0/15
104.16.0.0/12
172.64.0.0/13
131.0.72.0/22
IPv
2400:cb00::/32
2606:4700::/32
2803:f800::/32
2405:b500::/32
2405:8100::/32
2a06:98c0::/29
2c0f:f248::/32
Leaseweb
89.255.248.0/21
185.28.68.0/22
149.5.5.128/25
80.231.204.32/27
81.20.70.96/27
37.48.105.96/27
178.162.217.160/27
38.68.192.192/27
80.239.231.64/27
209.58.153.8/29
103.254.152.0/26
43.249.37.244/30
46.28.246.48/29
77.109.138.32/29
23.105.70.232/29
23.108.68.90/29
149.11.174.80/29
Media servers
95.168.174.119
5.79.71.20
3.126.212.8
52.58.3.101
213.227.143.147
85.17.220.8
95.168.174.154
213.227.131.204
213.227.131.205
178.162.151.245
178.162.151.242
85.17.74.233
95.211.97.50
95.211.92.180
95.211.92.179
95.211.97.51
213.227.150.199
Last modified 7mo ago
Copy link