View Source

Call-flow-Diagram

Network Requirements:

Using the flexperto platform requires allowing access to its services over specific ports in order to work. A network administrator in your organization can configure these firewall settings.

Ports

Minimum Requirement:

The minimum Requirement is that TCP ports 80/443 HTTP(S) are open. Some firewall/proxy rules only allow for SSL traffic over port 443. You will need to make sure that non-web traffic can also pass over this port and that WSS (Proxy HTTP 1.1) can be used. In addition, due to browser limitations, you should configure your proxy to not require HTTP Basic Authentication when accessing URL's and IP's listed in the whitelist further down.

If you are using the McAfee WebGateway Proxy in version >= 7.2, "SSL inspection" on Port 443 has to be disabled for traffic towards the listed IPs and Domains further down. This is a known issue in the web gateway: https://community.mcafee.com/thread/59536?tstart=0

In addition, TCP/UDP port 3478 should be open. This connection is bidirectional but always initiated from the corporate network/client so it is not possible for an external entity to send malicious traffic in the opposite direction.

Without port TCP/UDP 3478 open and NAT/Proxies in place, it is likely that the public-facing NAT/Proxy IP cannot be discovered and communication across the borders of the corporate network could fail.

Best Experience:

For the best possible experience, we recommend that TCP/UDP ports 5349 is open.

Whitelisting of IP’s and URL’s

The following IP’s must be whitelisted in any case:

IP	Description
37.61.222.224/27	Network Connectivity - FX DC Main
146.0.229.160/27	Network Connectivity - FX DC FailOver
18.157.71.112/28	Network Connectivity - Streaming - DE
35.158.127.224/28	Network Connectivity - Streaming - DE
3.123.12.128/28	Network Connectivity - Streaming - DE
3.127.48.224/28	Network Connectivity - Streaming - DE
18.156.18.0/27	Network Connectivity - Streaming - DE

The following domains must be whitelisted in any case

Domain	Description
flexperto.com	Platform - General connectivity
*.flexperto.com	Platform - General connectivity
..flexperto.com	Platform - General connectivity
..*.flexperto.com	Platform - General connectivity
ajax.googleapis.com/ajax/libs/jquery/*	CDN (Fonts, CSS, JS Libraries)
fonts.googleapis.com	CDN (Fonts, CSS, JS Libraries)
fonts.gstatic.com	CDN (Fonts, CSS, JS Libraries)
www.google.com/recaptcha/*	Frontend - Login Bot Challenge Protection
www.gstatic.com/recaptcha/*	Frontend - Login Bot Challenge Protection
*.opentok.com	Platform - Streaming connectivity
*.tokbox.com	Platform - Streaming connectivity

The following IP’s should be additionally whitelisted, in case of communication via the Ireland DC is desired:

IP	Description
52.51.63.16/28	Network Connectivity - Streaming - IRL
52.213.63.176/28	Network Connectivity - Streaming - IRL
18.202.216.0/28	Network Connectivity - Streaming - IRL
3.248.234.48/28	Network Connectivity - Streaming - IRL
3.248.243.144/28	Network Connectivity - Streaming - IRL
3.248.244.96/27	Network Connectivity - Streaming - IRL
99.80.88.240/28	Network Connectivity - Streaming - IRL

The following IP’s should be whitelisted:

IP	Description
all IPs included in https://whitelist.tokbox.com/whitelist.json	Platform - Global Streaming connectivity

The following Domains should be whitelisted:

Domain	Description
*.hotjar.com	Anonymous User Tracking (Hotjar)
*.gstatic.com	CDN (Fonts, CSS, JS Libraries)
*.ggpht.com	CDN (Fonts, CSS, JS Libraries)
*.googleapis.com	CDN (Fonts, CSS, JS Libraries)
www.google.com	CDN (Fonts, CSS, JS Libraries)
player.vimeo.com	Help Desk (Zendesk - embedded help video)
www.youtube-nocookie.com	Help Desk (Zendesk - embedded help video)
*.zopim.com	Help Desk (Zendesk)
assets.zendesk.com	Help Desk (Zendesk)
ekr.zdassets.com	Help Desk (Zendesk)
flexperto.zendesk.com	Help Desk (Zendesk)
static.zdassets.com	Help Desk (Zendesk)
notify.bugsnag.com	Fronted Anomaly Detection and Reporting
sentry.io	Fronted Anomaly Detection and Reporting

Calender Integration

Flexperto supports the integration of calendars that are hosted on Microsoft Exchange Servers (Office 365, managed or self-hosted), Outlook.com, iCloud and Google through our integration partner Cronofy.

If you use a Microsoft Exchange Server, please make sure that the following IPs have access to the Exchange Web Service interface (EWS):

54.93.34.174
3.121.21.226
3.122.2.191

For the best user experience we also recommend that autodiscover is turned on.

If you use Office 365, your administrator may have to whitelist the "Cronofy Connector" for your organisation. Please contact support@flexperto.com to obtain instructions on how to do this.

Client Side Requirements

Hardware

The client's hardware should meet these minimum Requirements:

Desktop or Laptop Computer, Android Tablet or Android Smartphone
Processor: min 2 GHz Dual Core
RAM: min 1 GB
Webcam (integrated or external)
Speakers (we recommend USB echo-canceling speakers for meeting room environments)
Microphone (we recommend a headset with microphone for improved sound quality and privacy)

Software

The client's hardware should meet these minimum requirements:

Google Chrome Version 72 +
FireFox Version ESR 60 +
Firefox Version 60+
Internet Explorer 11 (Plugin required)
Edge 17 (contained in Windows 10 April 2018 Update)
on Android Chrome 67 +
on Android Firefox 60 +
Safari 11+

Browser Settings

Javascript must be activated.

Your camera has to be accessible by and responsive to the browser. You can verify this via this test page https://simpl.info/getusermedia/. Things that can prohibit camera access are:

For built-in cameras: Your camera is deactivated in the BIOS-Settings
For external cameras: Your PC is configured to not accept USB-Cameras
Your camera driver is outdated (generally the universal Microsoft driver should work)
Your Antivirus software (such as Avira or Kaspersky) is configured to block camera access by default
Especially for Firefox: required features (such as getUserMedia or PeerConnection) are disabled in your browser

Browser Plugins

In order to interoperate with Safari Browsers (namely using the on this platform only supported h264 codec) Firefox requires a build in Plugin "openh264" to be up to date. In enterprise evironment, Firefox is typically configured to not perform automatic updates. Due to the plugin system of Firefox, this causes that openh264 files are out of date. For Safari Support find here a patch which updates the plugin files of Firefox without using Firefox Auto Update features. The archive contains a README with detailed instructions on how to apply the patch:

https://flexperto.box.com/s/ctzl7whdgedi05bqzwyeyprqahape28m

Screensharing (broadcasting) doesn't work on mobile OS Systems. (Andriod and IOS )
Tokbox doesn't support this feature.

Usage of flexperto on IE11 requires a Plugin Installation. The Platform will automatically attempt a Plugin installation for any user browsing our Meeting Room on IE11. This self-service Plugin installation requires admin level permissions on the client. In case your employees are not equipped with admin level permissions and you do operate a central software provisioning service for your clients, you can install the IE11 Plugin on machine level. The installers are:

for 32 bit systems: https://static.opentok.com/webrtc/v2.16.3/plugin/OpenTokPluginMain_x32.msi

for 64 bit systems: https://static.opentok.com/webrtc/v2.16.3/plugin/OpenTokPluginMain_x64.msi

Operating System

The following Operating Systems are supported:

OSX10.9+
iOS 13.2.3+
Windows 8.1 +
Ubuntu 12 +
Android KitKat +

with Chrome 53 +
with Firefox 49 +

Desktop virtualization software platform

The following Desktop Virtualization Plattform are supported

XenDesktop 7.15 +
- Client
  - Windows 10+
  - Windows Server 2008 R2+

Internet Bandwidth

We recommend a minimum dedicated 1.000 kb/s down per downloaded stream, as well as 1.000 kb/s up per uploaded stream to maintain a stable video/audio connection. Please note that the bandwidth is not the only factor for a stable video/audio connection.