Required Network Settings

Learn about the network settings you need to enable and activate Verkada devices

Updated over a week ago

Verkada devices need to communicate with Verkada Command, and they use the network they are connected to in order to do this. In most cases, little-to-no updates to your network settings are needed. Additional configuration may be required for complex or highly secure networks.

Additional required domains

Each unique device type may have additional required domains (see list). Some firewalls do not allow wildcards (*), so you may need to allowlist each endpoint individually.

Note: The Verkada BC51 Alarm Console, Viewing Station, Intercom, and Workplace (Guest and Mailroom) have additional endpoints not in the list (above). Refer to their specific network settings for the complete list.


Requirement: Verkada devices are incompatible with LANs that require the use of proxy servers or that require Secure Socket Layer (SSL)/Transport Layer Security (TLS) inspection. If either are in use, a bypass for all Verkada devices must be implemented for Verkada devices to communicate with Verkada Command.


Most Verkada devices are powered through Power over Ethernet (PoE).

Recommendation: Ensure that your network switch can provide power, or use an PoE injector to supply power to the device. Verkada’s devices use IEE 802.3af Type 1 PoE, IEEE 802.3at Type 2 PoE+, and IEEE 802.3bt Type 3 PoE++, depending on the device model.

Use the datasheets to determine what the power requirements are for your Verkada device. These the most common power requirements:

  • IEE 802.3af, Type 1 PoE

  • IEEE 802.3at, Type 2 PoE+

  • IEEE 802.3bt, Type 3 PoE++

  • 100–240 VAC, 50/60 Hz

IP address

Verkada devices must be assigned an IPv4 address to communicate on the LAN and to Verkada Command through the internet. By default, all Verkada devices use Dynamic Host Configuration Protocol (DHCP), User Datagram Protocol (UDP) ports 67 and 68 to obtain their IP addresses and network configurations.

If you require your device to have a specific IP address, use a DHCP reservation using the device’s Media Access Control (MAC) address (found on the device's label). For cameras specifically, you can set up a static IP address in Command.

Domain Name System

Verkada devices use the Domain Name System (DNS) server to resolve Verkada’s fully qualified domain names (FQDN) to IP addresses to communicate with them. Your DHCP server tells the Verkada device where the DNS server is on the network and the device communicates using UDP port 53.

Note: DNS over HTTPS (DoH) is currently not supported.

Firewall settings

Verkada devices require access to many endpoints to have the full-featured experience. Many customers may want to restrict devices to only communicate with the specific required endpoints.

Below are the general domains to allow, applicable for all organization-regions:

  • * - UDP/123 + TCP+UDP/443

  • - UDP/123

  • - UDP/123 + TCP+UDP/443

  • * - TCP/443

  • * - TCP+UDP 443, 5060, 5061

  • - TCP/4460 + UDP/123

  • *:4100 - TCP/UDP on LAN

  • * - TCP+UDP/443

  • * - UDP/1024 to 65535

  • * - TCP/443

See Additional required domains (above) for a list of additional product-specific required network settings.

Need more help? Contact Verkada Support

Did this answer your question?