Firewall Configuration for Zoom Rooms

In addition to communication with Zoom cloud services, Zoom Rooms controllers and scheduling displays communicate directly over the network with their associated Zoom Rooms computer or appliance. Similarly, Zoom clients using Direct Share communicate directly over the network with a Zoom Rooms computer or appliance. If your devices are on the same WiFi network but are still unable to connect with each other, please check the following on your WiFi router or firewall:

Protocol: TCPPort: 9090

ZR Controller to ZR

Protocol: TCPPort: 443

ZR Controller or Scheduler to Cloud

Protocol: UDP

Port: 3478, 3479, 8801ZR to Cloud
Protocol: TCPPort: 443ZR to Cloud
Protocol: TCPPort: 8888Client to ZR (Direct Share)
Protocol: UDPPort: 8889

Client to ZR (Direct Share)

Note: If you are utilizing calendar integration with your Zoom Rooms, the Zoom Room computer, appliance, or scheduling display needs access to the respective calendaring service, such as Microsoft Office 365 Exchange Online, Google Calendar, or Microsoft Exchange, to be able to check for calendar events and display them as upcoming meetings. Consult the calendaring system documentation for necessary URLs, protocols and ports.

If your controller or scheduling display reports that it is unable to connect to a Zoom Room, and displays the Zoom Room's IP address as, it is likely related to web proxy settings on the Zoom Room's device. You can perform one of the following steps to attempt to resolve the issue:

If your controller, scheduling display and Zoom Rooms computer or appliance are all on the same WiFi network, the WiFi router/access point must permit "hairpinning" to allow the Zoom Rooms controller or scheduling display to communicate to the Zoom Rooms computer or appliance. Please consult the WiFi router/access point vendor's documentation to allow "hairpinning" between clients connected to the same WiFi network. Some vendors have features called "Client Isolation", "AP Isolation", or "Wireless Isolation", and these must be disabled to allow "hairpinning".

If you manage your Zoom Rooms devices with Zoom Device Management (ZDM) and your company network includes firewall or proxy servers, you must allow these devices to access the following URL:


In addition, consult you device vendor's documentation for details on additional URLs necessary to support device firmware updates.