Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

Video Reader Intercom Pro cloud calling currently can only be made from the following regions because of the availability of cloud servers:
North America, South America, Southeast Asia, East Asia, and Europe

Ethernet Connection and Firewall Configuration

  1. Connecting to LAN:

    • Use an Ethernet connection with DHCP to connect the Smart Hub (ACU) or Single Door Controller (SDC) to the Local Area Network (LAN).

  2. Firewall Settings:

    • Configure firewall settings to communicate with the Avigilon Alta system.

    • Required outbound ports:

      • TCP port 443

      • UDP port 123

  3. Audio and Video Quality for Video Reader Pro and Video Intercom Reader Pro:

    • To ensure optimal audio and video quality, allow access to the following outbound ports and enable UDP hole-punching (or disable symmetric NAT):

      • TCP port 443

      • UDP port 123

      • UDP port 3478 (TURN/UDP servers for connectivity)

      • UDP ports 50000-60000 (WebRTC)

  4. Additional Firewall Considerations:

    • Fortinet firewalls have antivirus software that blocks AWS traffic by default. AWS must be whitelisted.

    • If using an external DNS server, outbound UDP port 53 must be open.

  5. Wi-Fi Unlocking from Mobile App:

    • Ensure the ACU/SDC's inbound TCP port 443 is available within the LAN.

    • Inbound port forwarding on the router, firewall, or NAT device is unnecessary.

    • HTTPS certificate rewriting or TLS/SSL inspection is not allowed.

  6. IP Address and Network Segregation:

    • Avigilon Alta does not provide an IP range or FQDN list of hostnames for Basic and Premium licenses. Most hostnames resolve to dynamic IPs and change during provisioning and configuration updates.

    • To segregate traffic from Avigilon controllers, enable a DMZ for the controllers.

  7. Static Cloud IP for Enterprise Licenses:

    • Avigilon Alta offers a Static Cloud IP for organizations with strict network firewall policies. This simplifies opening a few IP addresses to allow ACU/SDC to connect to the cloud.

    • The latest version of the Open Access (admin) app supports provisioning ACU/SDC devices behind restricted firewalls.

...