Verkada devices are designed to maintain your network’s security while still offering remote access and easy management of your devices. In most cases, little to no updates to your network settings are required. Depending on your particular case, however, some configuration may be required to get your devices online.

If your network is configured properly as per the instructions below, and you still cannot get your device online, please reach out to Verkada Support and try to use this guide to provide a packet capture to the team so we can best solve your issue.

IP Address

Verkada devices must be assigned a routable IP address via DHCP. For network security reasons, static IP addresses are not currently supported. A DHCP reservation is a hassle-free way to ensure the device receives a specific IP address. You need the camera's MAC address to create a reservation. The MAC address of an AC41 can be found on the sticker below the cable management compartment.


Verkada devices require a DNS server to be able to resolve specific domains in order to communicate with Verkada Command. DNS servers can only be set with DHCP. Verkada devices will always query DNS servers via the standard destination port 53 using UDP. DNS over HTTPS (DoH) is not currently supported.


Verkada devices need to communicate with specific domains owned by Verkada to provide you with a full-featured experience. All communication between a Verkada device and Verkada Command is over HTTPS using port TCP 443. Devices also use NTP to synchronize time over UDP port 123.

Note: When Verkada devices communicate with Verkada Command, connections are made outbound from your LAN to our servers on the Internet. While the source port from which the Verkada device uses to communicate with Command varies per standard IP communication practices, the standard range of ephemeral ports is used (49152-65535).

Depending on your firewall rules, you may need to whitelist the Verkada server subdomain, over TCP port 443:


If you prefer to whitelist specific domains use these FQDNs over TCP port 443:

The Verkada next-generation video streaming capability uses the following FQDN over TCP 443 and UDP 443:


For the devices to perform NTP time synchronization, whitelist communication over UDP port 123 to the below FQDN and IP address:

Note: will be used as the fallback if cannot be resolved.

Access control devices require additional domains whitelisted over TCP port 443:

Alarms devices require these additional domains whitelisted over TCP port 443:

Alarm Consoles also require these domains whitelisted over UDP port 3478:

Sensor devices require the additional domain whitelisted over TCP port 443:

Viewing Stations require whitelisting the subdomain over TCP port 443:


If you prefer to whitelist specific domains use these FQDNs over TCP port 443:

BC51, VX51, and VX52s require the following endpoints in addition to those required for their platform:

TCP 80

TCP 443

TCP 80 & TCP 443

UDP 123

Email Server

In order to ensure reliable delivery of Verkada emails (including event notifications, password reset emails, and magic links) the following email domains should be whitelisted on your mail server.

SSL/TLS Inspection & Proxy Servers

Verkada devices are incompatible with LANs that require the use of proxy servers or that require SSL/TLS inspection. If either are in use, a bypass for all Verkada devices must be put in place in order for Verkada devices to communicate with Verkada Command.

Did this answer your question?