To allow connections between the Zoom Meetings Hybrid module, the Zoom Node server, Zoom, and the Zoom Meeting client, the following firewall rules need to be added to your network.
If your Zoom Meetings Hybrid module is behind a firewall, please also set the following parameters:
Protocol | Ports | Source |
Destination |
TCP |
80 |
MeetingConnector.IP | ocsp.digicert.com* |
UDP |
8801, 8802, 8803 |
Hybrid MMRs and ZC | Zoom’s Meetings and Webinars IP range |
UDP | 8801, 8802, 8803 | Hybrid MMR-1 | Hybrid MMR-2* |
TCP | 80, 443 | Zoom Node server | Zoom’s Meetings and Webinars IP range |
UDP | 8801, 8802, 8803*** | Client | Hybrid MMRs |
TCP | 80, 443 | Client | *.zoom.us *.zoomonprem.com |
TCP | 80, 443 | Client | Hybrid MMRs |
TCP | 443 | Hybrid MMRs |
*.zoom.us *.zoomonprem.com one.digicert.com |
*Note: This is only required if running internal mode.
**Note: For ocsp.digicert.com, the firewall needs to allow http and https traffic, as well as DNS resolution.
***Note: In addition to the listed ports, the Zoom client application will use a randomly chosen port from the ephemeral range (1024-65535) as the local source port for communication to the Hybrid MMR, as determined by the hosting operating system. Due to this, any firewall between the client and the Hybrid MMR must allow return traffic back to the client along those ports.
The following ports will need to be configured to allow communication between the Zoom Node server hosting the Meeting Recorder and the NFS Storage utilized for saving recordings:
Protocol | Ports | Source |
Destination |
TCP/UDP |
2049 |
Zoom Node server | Configured NFS server |
TCP/UDP |
111 | Zoom Node server | Configured NFS server |
TCP/UDP |
20048 | Zoom Node server | Configured NFS server |