Giraffe CCTV
  • What is Giraffe?
  • Architecture
  • Giraffe Cloud
    • Getting started
      • Logging in
      • First steps
      • Giraffe terminology
      • Managing your account
    • View and control
      • Live talkdown
      • PTZ presets
      • Quick sounds
      • Custom views
      • Strobes
      • Floodlights
    • Alarm handling
    • Recording
      • Recording configuration
      • Recording playback
      • Exporting footage
    • Schedules
    • Active threat deterrence
      • Arming and disarming
      • Alarm states and configuration
    • System monitoring
      • Overview
      • Graphs
      • Events
      • Error states
    • Notification system
      • Person / vehicle alerts
      • Rate limits
    • Camera setup
      • Artificial intelligence
      • Masking
      • Camera configuration
      • Camera guides
        • Pelco
        • Hanwha
        • Axis
        • Dahua
        • Hikvision
        • Milesight
    • Router integration
      • Peplink
      • Teltonika
      • Advanced
    • Team management
      • Team hierarchy
      • Inviting users
      • Permissions
    • ARC integration
      • Sentinel Native
      • Generic Integration
      • Immix
      • Sentinel - Deprecated
    • Reseller teams
      • Team management
    • Troubleshooting
      • MTU Configuration
    • Advanced
      • Firewall whitelisting
      • White label
    • API
      • RTSP Service
      • HTTP API
  • Mobile App
    • Installing
    • Signing in
    • Live view
    • Recording
    • Updating
    • Privacy policy
  • Edge Controller
    • Edge Controller versions
    • Hardware overview
      • Edge Controller V2
      • Edge Controller V1
        • Status lights
    • Configuration
      • Device definitions
      • Camera power
    • Battery Calibration
    • Mobile routers
      • Router guides
        • Teltonika
          • Unblocking WebUI access
        • Peplink
    • Victron integration
    • SMTP Alarm Receiver
    • PIR sensors
      • Luminite Genesis PIR integration
      • Wired PIR sensors
    • Power consumption
    • Boot / shutdown procedure
    • GPS
    • EFOY integration
    • Advanced
      • Internal queue system
      • Self healing
      • Recording storage
  • Hub Controller
    • Overview
    • Installation
    • Troubleshooting
  • Mobile Security Unit
    • Overview
    • MSU Generations
    • Battery
  • Network Node
    • Overview
  • Mini Tower
    • Overview
    • Transporting the tower
    • Deployment steps
    • On site setup checklist
    • Pack away steps
    • Battery management
    • Solar performance
    • Maintenance
    • Branding
    • Troubleshooting
    • Safety
  • Battery Box
    • Overview
  • Giraffe Battteries
    • Charging
    • Safety
  • Solar Frame
    • Page 1
  • Terms and conditions
Powered by GitBook
On this page
  • Overview
  • Ports
  • WebRTC connections
  • IP Whitelisting
  1. Giraffe Cloud
  2. Advanced

Firewall whitelisting

Overview

The Giraffe Cloud is a publicly available, 'multi tenant' SAAS application. All communication between the Edge Controllers, the Giraffe Cloud and the end user devices (laptops, mobiles) are encrypted.

Ports

The Giraffe Cloud communicates with Edge Controllers on the following ports. These are outbound ports, we assume

Port
Purpose
Hostname

443 (TCP)

Communication from the Edge Controller to the Giraffe API

*.onvp.io *.onvp.net

1194 (UDP or TCP)*

VPN connection from the Edge Controller to the Giraffe API

*.onvp.io *.onvp.net

3478 (UDP or TCP)*

STUN connections from Edge Controller to Giraffe STUN and TURN servers

*.onvp.io *.onvp.net

5349 (TCP)*

STUN connections from Edge Controller to Giraffe STUN and TURN servers

*.onvp.io *.onvp.net

123 (NTP)

NTP requests from the Edge Controller to time servers.

time.google.com time.onvp.io

*Note that the Edge Controller can connect over TCP 443 if UDP 1194 is not open. However, performance will be suboptimal as we have to tunnel TCP over TCP. The Edge Controller will not connect via TCP 443 automatically and you need to contact Giraffe Support if you wish to have this enabled on your account.

The web and mobile clients communicate with the Giraffe Cloud on the following ports

Port
Purpose

(443) TCP

General HTTPs web traffic to the Giraffe API.

1194 (UDP or TCP)*

STUN connections from Edge Controller to Giraffe STUN and TURN servers

3478 (UDP or TCP)*

STUN connections from Edge Controller to Giraffe STUN and TURN servers

5349 (TCP)*

STUN connections from Edge Controller to Giraffe STUN and TURN servers

*Note that the Edge Controller will attempt connections over 443 if these ports are not open. However, performance will be suboptimal.

The Edge Controllers do not require any inbound ports to be opened and static IP addresses are not required on mobile routers. All communication is established from the Edge Controller to the Giraffe Cloud, and reverse communication is tunnelled over an automatically provisioned VPN connection.

From a security perspective, we do not recommend opening any inbound ports towards the Edge Controller.

WebRTC connections

If a direct tunnel cannot be established, we fall back to a TURN server based connection.

IP Whitelisting

It is not possible to IP whitelist outbound traffic from your network to Giraffe. If you wish to do this you will need to do DNS based whitelisting.

It is possible to whitelist traffic originated from Giraffe coming to your network. This is useful for webhooks and alarm receiving centre integrations.

The IP addresses we are currently using are listed below. If you intend on strictly whitelisting these IP addresses please contact us first.

IP Address
Date Added

52.19.56.125/32

20th December 2024

63.35.165.100/32

20th December 2024

PreviousAdvancedNextWhite label

Last updated 4 months ago

The Giraffe platform uses to transmit live video from the Edge Controller to the viewing device (similar to how video conferencing works). WebRTC will attempt to find a inbound port that it can use to establish a direct connection. Depending on the type of NAT present, this might not be possible.

WebRTC