Skip to main content

1.8 White-Listing FrontM Traffic

Guillermo Acilu
  • Updated
Instructions for Service Providers to enable FrontM application usage on SatCom/MSS/VSAT connected vessels and remote sites.
The FrontM platform uses a number of IP addresses and ports for the range of functions on the platform. Unlike standard distributed cloud architectures that use dynamic IP addresses, FrontM platform has been carefully architected to enable scalability over fixed IP ranges. This means our satellite connectivity partners and installers can easily configure the traffic rules by white-listing FrontM IP addresses.

 

Traffic White-list  

Service providers may choose either Option 1 or Option 2 configurations below. 

Option 1. FQDN White-listing

Where it is possible to white-list Fully Qualified Domain Names (FQDN), all of the below three domains need to be allowed for platform communication and automation functions to work: 

 

FQDN Protocol Ports
*.frontm.ai TCP 443 and 9000
*.frontm.com TCP 443
onship.app TCP 443 and 9000

 

Some routers might not be fully compatible with wildcard subdomain whitelisting and not all subdomains would be allowed. If this is the case, please whitelist the following subdomains:

  1. Instead of *.frontm.ai: Whitelist frontm.ai, gw.frontm.ai, loft.frontm.ai, telemed.frontm.ai and pstn-prod.frontm.ai.
  2. Instead of *.frontm.com: Whitelist app.frontm.com.

 

Option 2. IP-Address and Ports White-listing

 

For those who cannot white list FQDN, below are the IP addresses and ports used by FrontM communications platforms to white-list.

 

IP Addresses Protocol Ports

54.159.127.147 (app.frontm.com)

34.227.204.106 (app.frontm.com)

50.16.138.56 (onship.app)

3.211.195.207 (onship.app)

52.71.91.39 (onship.app)

18.207.34.30 (frontm.ai)

34.236.247.246 (frontm.ai)

54.163.147.210 (frontm.ai)

44.208.62.62

52.4.4.61

54.235.123.27

 TCP 443
35.173.108.83 (resources)
3.227.118.201 (resources)		 TCP 443and 9000

3.215.234.16 (onship.app)

184.73.245.130 (onship.app)

 TCP 4443 and 443

35.169.158.147 (video conferencing)

 TCP 443 and 5349

35.169.158.147 (video conferencing)

 UDP 10000 and 3478

34.194.175.207 (Telemedicine)

 TCP 443 and 5349

34.194.175.207(Telemedicine)

 UDP 10000
3.225.201.214 (PSTN calls)

 

 TCP 5060, 7089 and 8089
3.225.201.214 (PSTN calls) UDP 5060, 6000 to 20000

 

In order to receive push notifications on closed networks, the following IPs and ports need to be opened for INCOMING traffic:

System IP Addresses Ports
Apple 17.249.0.0/16
17.252.0.0/16
17.57.144.0/22
17.188.128.0/18
17.188.20.0/23		 5223, 443 and 2197
Google No IP restrictions since Google changes them very often 5228, 5229,5230 and 443

 

Testing The Configuration

To verify if you have access to FrontM from your network follow the below steps

  1. Launch the below URL from a browser on a computer connected to the network on the remote site:  https://onship.app/status
  2. Click on the “Run all tests” button

For any additional support, please do not hesitate to write to support@frontm.com for assistance. Thank you for referring to FrontM documentation.

Related articles

Comments

0 comments

Please sign in to leave a comment.