This article outlines the required network settings that your Verkada Intercom needs to communicate with Verkada Command. For more information on the required network settings for other Verkada product lines see Required Network Settings.
Verkada devices are incompatible with LANs that require proxy servers or Secure Socket Layer (SSL)/Transport Layer Security (TLS) inspection. If either is in use, a bypass for all Verkada devices must be implemented for Verkada devices to communicate with Verkada Command.
Status LED
A flashing blue status LED on the top of the intercom indicates the intercom is not communicating with Command. If you see this behavior, check that the network is set up correctly with the intercom’s requirements. If the problem persists, contact Verkada Support.
IP address
Intercoms must be assigned an IPv4 address to communicate on the LAN and to Verkada Command. Intercoms use Dynamic Host Configuration Protocol (DHCP) and User Datagram Protocol (UDP) to obtain their IP addresses and network configurations.
If you require your intercom to have a specific IP address, create a DHCP reservation using the device’s Media Access Control (MAC) address (found on the device's label).
Domain Name System
Intercoms use the DNS server to resolve Verkada’s fully qualified domain names (FQDN) to IP addresses to communicate with them. Your DHCP server tells the intercom where the DNS server is on the network and the intercom communicates using UDP port 53.
DNS over HTTPS (DoH) is currently not supported.
Power
Intercoms are powered through Power over Ethernet (PoE). This means the network switch needs to provide power to the intercom, or a PoE injector needs to be utilized. For specifics on power requirements, see the Intercom datasheet.
Firewall settings
Intercoms require access to many endpoints to ensure they can communicate with Command and all features will be accessible. Many customers may want to allow the intercoms to communicate with the general required endpoints.
These are the general domains to allow, applicable for all organization-regions:
Mandatory:
*.amazonaws.com - TCP+UDP/443, UDP/1024 to 65535
*.twilio.com - TCP+UDP/443, 5060, 5061
*.verkada.com - TCP+UDP/443, UDP/123
*:4100 - TCP/UDP on LAN
34.216.15.26 - UDP/123
35.166.49.153 - TCP+UDP/443, UDP/123
168.86.128.0/18 - UDP/1024 to 65535
time.cloudflare.com - TCP/4460 + UDP/123
*.livekit.cloud - TCP/443, UDP/50000 to 60000
*.turn.livekit.cloud - TCP/443, UDP/50000 to 60000
*.host.livekit.cloud - UDP/3478, UDP/50000 to 60000
LiveKit enables high quality, low latency video and audio streaming with Verkada intercoms.
If you prefer a more granular allowlist, you can add IP addresses, full FQDNs, and wildcard domains to your firewall rules based on the region where your devices are located.
Your region is selected when you create an organization in Command.
Region: United States
Standard Verkada Endpoints
api.control.verkada.com - TCP+UDP/443
api.global-prod.control.verkada.com - TCP+UDP/443
api-ga.control.verkada.com - TCP+UDP 443
device.pyramid.verkada.com - TCP+UDP/443
device-nlb.verkada.com - TCP+UDP/443
firmware.control.verkada.com - TCP+UDP/443
nlb.verkada.com - TCP+UDP/443
update.control.verkada.com - TCP+UDP/443
user.pyramid.verkada.com - TCP+UDP/443
vconductor.global-prod.command.verkada.com - TCP+UDP/443
NTP Endpoints
34.216.15.26 - UDP/123
35.166.49.153 - UDP/123 + TCP+UDP/443
time.control.verkada.com - UDP/123
time.cloudflare.com - TCP/4460
time.cloudflare.com - UDP/123
Streaming Endpoints
*:4100 - TCP/UDP on LAN (only required for local streaming)
*.us-west-2.compute.amazonaws.com UDP/1024 to 65535 (webRTC)
index.control.verkada.com - TCP+UDP/443
relay.control.verkada.com - TCP+UDP/443
relay.global-prod.control.verkada.com - TCP+UDP/443
Calling Endpoints
168.86.128.0/18 - UDP 1024 to 65535
chunderm.gll.twilio.com - TCP 443†
ers.twilio.com - TCP 443†
eventgw.twilio.com - TCP 443†
verkada-erik-sip.sip.twilio.com - TCP+UDP 5060, 5061
verkada-erik-sip.sip.us1.twilio.com - TCP+UDP 5060, 5061
verkada.sip.us1.twilio.com - TCP+UDP 5060, 5061
verkada-vinter-audio-files-prod1.s3.amazonaws.com - TCP+UDP 443
LiveKit Full FQDNs
LiveKit Full FQDNs
verkada-intercom-prod1-lwfdr3vo.dblr1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dblr1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dfra1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dfra1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsfo3a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsfo3b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsgp1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsgp1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsyd1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.dsyd1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ochicago1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ochicago1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.odubai1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.odubai1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.oashburn1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.oashburn1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ojohannesburg1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ojohannesburg1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.olondon1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.olondon1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.omarseille1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.omarseille1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ophoenix1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.ophoenix1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.osingapore1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.osingapore1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.osaopaulo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.osaopaulo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.otokyo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.otokyo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod1-lwfdr3vo.sfo3.production.livekit.cloud-TCP/443
dblr1a.turn.livekit.cloud-TCP/443
dblr1b.turn.livekit.cloud-TCP/443
dfra1a.turn.livekit.cloud-TCP/443
dfra1b.turn.livekit.cloud-TCP/443
dsfo3a.turn.livekit.cloud-TCP/443
dsfo3b.turn.livekit.cloud-TCP/443
dsgp1a.turn.livekit.cloud-TCP/443
dsgp1b.turn.livekit.cloud-TCP/443
dsyd1a.turn.livekit.cloud-TCP/443
dsyd1b.turn.livekit.cloud-TCP/443
oashburn1a.turn.livekit.cloud-TCP/443
oashburn1b.turn.livekit.cloud-TCP/443
ochicago1a.turn.livekit.cloud-TCP/443
ochicago1b.turn.livekit.cloud-TCP/443
odubai1a.turn.livekit.cloud-TCP/443
odubai1b.turn.livekit.cloud-TCP/443
ojohannesburg1a.turn.livekit.cloud-TCP/443
ojohannesburg1b.turn.livekit.cloud-TCP/443
olondon1a.turn.livekit.cloud-TCP/443
olondon1b.turn.livekit.cloud-TCP/443
omarseille1a.turn.livekit.cloud-TCP/443
omarseille1b.turn.livekit.cloud-TCP/443
ophoenix1a.turn.livekit.cloud-TCP/443
ophoenix1b.turn.livekit.cloud-TCP/443
osaopaulo1a.turn.livekit.cloud-TCP/443
osaopaulo1b.turn.livekit.cloud-TCP/443
osingapore1a.turn.livekit.cloud-TCP/443
osingapore1b.turn.livekit.cloud-TCP/443
otokyo1a.turn.livekit.cloud-TCP/443
otokyo1b.turn.livekit.cloud-TCP/443
sfo3.turn.livekit.cloud-TCP/443
Access Control Endpoints
access.control.verkada.com - TCP+UDP/443
vcerberus.command.verkada.com - TCP+UDP/443
Cloud Backup Endpoints
s3.ap-southeast-2.amazonaws.com - TCP/443‡
s3.ca-central-1.amazonaws.com - TCP/443‡
s3.us-west-2.amazonaws.com - TCP/443‡
Region: Europe
Standard Verkada Endpoints
api.global-prod.control.verkada.com - TCP+UDP/443
api.prod2.control.verkada.com - TCP+UDP/443
api-ga.control.verkada.com - TCP+UDP 443
update.control.verkada.com - TCP+UDP/443
vconductor.global-prod.command.verkada.com - TCP+UDP/443
vconductor.prod2.command.verkada.com - TCP+UDP/443
NTP Endpoints
35.166.49.153 - UDP/123 + TCP+UDP/443
time.control.verkada.com - UDP/123
time.cloudflare.com - TCP/4460
time.cloudflare.com - UDP/123
Streaming Endpoints
*:4100 - TCP/UDP on LAN (only required for local streaming)
*.eu-west-1.compute.amazonaws.com UDP/1024 to 65535 (webRTC)
index.prod2.control.verkada.com - TCP+UDP/443
relay.global-prod.control.verkada.com - TCP+UDP/443
relay.prod2.control.verkada.com - TCP+UDP/443
Calling Endpoints
168.86.128.0/18 - UDP 1024 to 65535
chunderm.gll.twilio.com - TCP 443†
ers.twilio.com - TCP 443†
eventgw.twilio.com - TCP 443†
verkada-prod2.sip.twilio.com - TCP+UDP 5060, 5061
verkada-prod2.sip.us1.twilio.com - TCP+UDP 5060, 5061
verkada-vinter-audio-files-prod2.s3.amazonaws.com - TCP+UDP 443
LiveKit Full FQDNs
LiveKit Full FQDNs
verkada-intercom-prod2-wrhsid3a.dblr1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dblr1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dfra1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dfra1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsfo3a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsfo3b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsgp1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsgp1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsyd1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.dsyd1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.oashburn1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.oashburn1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ochicago1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ochicago1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.odubai1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.odubai1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ojohannesburg1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ojohannesburg1b.production.livekit.cloud-TCP/44
verkada-intercom-prod2-wrhsid3a.olondon1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.olondon1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.omarseille1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.omarseille1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.osaopaulo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.osaopaulo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.osingapore1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.osingapore1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ophoenix1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.ophoenix1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.otokyo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.otokyo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod2-wrhsid3a.sfo3.production.livekit.cloud-TCP/443
dblr1a.turn.livekit.cloud-TCP/443
dblr1b.turn.livekit.cloud-TCP/443
dfra1a.turn.livekit.cloud-TCP/443
dfra1b.turn.livekit.cloud-TCP/443
dsfo3a.turn.livekit.cloud-TCP/443
dsfo3b.turn.livekit.cloud-TCP/443
dsgp1a.turn.livekit.cloud-TCP/443
dsgp1b.turn.livekit.cloud-TCP/443
dsyd1a.turn.livekit.cloud-TCP/443
dsyd1b.turn.livekit.cloud-TCP/443
oashburn1a.turn.livekit.cloud-TCP/443
oashburn1b.turn.livekit.cloud-TCP/443
ochicago1a.turn.livekit.cloud-TCP/443
ochicago1b.turn.livekit.cloud-TCP/443
odubai1a.turn.livekit.cloud-TCP/443
odubai1b.turn.livekit.cloud-TCP/443
ojohannesburg1a.turn.livekit.cloud-TCP/443
ojohannesburg1b.turn.livekit.cloud-TCP/443
olondon1a.turn.livekit.cloud-TCP/443
olondon1b.turn.livekit.cloud-TCP/443
omarseille1a.turn.livekit.cloud-TCP/443
omarseille1b.turn.livekit.cloud-TCP/443
ophoenix1a.turn.livekit.cloud-TCP/443
ophoenix1b.turn.livekit.cloud-TCP/443
osaopaulo1a.turn.livekit.cloud-TCP/443
osaopaulo1b.turn.livekit.cloud-TCP/443
osingapore1a.turn.livekit.cloud-TCP/443
osingapore1b.turn.livekit.cloud-TCP/443
otokyo1a.turn.livekit.cloud-TCP/443
otokyo1b.turn.livekit.cloud-TCP/443
sfo3.turn.livekit.cloud-TCP/443
Access Control Endpoints
access.prod2.command.verkada.com - TCP+UDP/443
vcerberus.command.verkada.com - TCP+UDP/443
Cloud Backup Endpoints
s3.eu-west-1.amazonaws.com - TCP/443‡
Region: Australia
Standard Verkada Endpoints
api.global-prod.control.verkada.com - TCP+UDP/443
api.prod-ap-syd.control.verkada.com - TCP+UDP/443
api-ga.control.verkada.com - TCP+UDP 443
update.control.verkada.com - TCP+UDP/443
vconductor.global-prod.command.verkada.com - TCP+UDP/443
vconductor.prod-ap-syd.command.verkada.com - TCP+UDP/443
NTP Endpoints
35.166.49.153 - UDP/123 + TCP+UDP/443
time.control.verkada.com - UDP/123
time.cloudflare.com - TCP/4460
time.cloudflare.com - UDP/123
Streaming Endpoints
*:4100 - TCP/UDP on LAN (only required for local streaming)
*.eu-west-1.compute.amazonaws.com - UDP/1024 to 65535(webRTC)
index.prod-ap-syd.control.verkada.com - TCP+UDP/443
relay.global-prod.control.verkada.com - TCP+UDP/443
relay.prod-ap-syd.control.verkada.com - TCP+UDP/443
Calling Endpoints
168.86.128.0/18 - UDP 1024 to 65535
chunderm.gll.twilio.com - TCP 443†
ers.twilio.com - TCP 443†
eventgw.twilio.com - TCP 443†
verkada-prod-ap-syd.sip.twilio.com - TCP+UDP 5060, 5061
verkada-prod-ap-syd.sip.us1.twilio.com - TCP+UDP 5060, 5061
verkada-vinter-audio-files-prod-ap-syd.s3.amazonaws.com - TCP+UDP 443
LiveKit Full FQDNs
LiveKit Full FQDNs
verkada-intercom-prod-ap-syd-7tmwkpxi.dblr1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dblr1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dfra1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dfra1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsfo3a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsfo3b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsgp1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsgp1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsyd1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.dsyd1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.oashburn1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.oashburn1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ochicago1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ochicago1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.odubai1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.odubai1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ojohannesburg1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ojohannesburg1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.olondon1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.olondon1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.omarseille1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.omarseille1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.osaopaulo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.osaopaulo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.osingapore1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.osingapore1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ophoenix1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.ophoenix1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.otokyo1a.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.otokyo1b.production.livekit.cloud-TCP/443
verkada-intercom-prod-ap-syd-7tmwkpxi.sfo3.production.livekit.cloud-TCP/443
dblr1a.turn.livekit.cloud-TCP/443
dblr1b.turn.livekit.cloud-TCP/443
dfra1a.turn.livekit.cloud-TCP/443
dfra1b.turn.livekit.cloud-TCP/443
dsfo3a.turn.livekit.cloud-TCP/443
dsfo3b.turn.livekit.cloud-TCP/443
dsgp1a.turn.livekit.cloud-TCP/443
dsgp1b.turn.livekit.cloud-TCP/443
dsyd1a.turn.livekit.cloud-TCP/443
dsyd1b.turn.livekit.cloud-TCP/443
oashburn1a.turn.livekit.cloud-TCP/443
oashburn1b.turn.livekit.cloud-TCP/443
ochicago1a.turn.livekit.cloud-TCP/443
ochicago1b.turn.livekit.cloud-TCP/443
odubai1a.turn.livekit.cloud-TCP/443
odubai1b.turn.livekit.cloud-TCP/443
ojohannesburg1a.turn.livekit.cloud-TCP/443
ojohannesburg1b.turn.livekit.cloud-TCP/443
olondon1a.turn.livekit.cloud-TCP/443
olondon1b.turn.livekit.cloud-TCP/443
omarseille1a.turn.livekit.cloud-TCP/443
omarseille1b.turn.livekit.cloud-TCP/443
ophoenix1a.turn.livekit.cloud-TCP/443
ophoenix1b.turn.livekit.cloud-TCP/443
osaopaulo1a.turn.livekit.cloud-TCP/443
osaopaulo1b.turn.livekit.cloud-TCP/443
osingapore1a.turn.livekit.cloud-TCP/443
osingapore1b.turn.livekit.cloud-TCP/443
otokyo1a.turn.livekit.cloud-TCP/443
otokyo1b.turn.livekit.cloud-TCP/443
sfo3.turn.livekit.cloud-TCP/443
Access Control Endpoints
access.prod-ap-syd.command.verkada.com - TCP+UDP/443
vcerberus.command.verkada.com - TCP+UDP/443
Cloud Backup Endpoints
s3.eu-west-1.amazonaws.com - TCP/443‡
Footnotes:
†required for Desk Stations and Verkada Pass
‡required for cloud backup
Use the Verkada Network Tester to verify your devices can connect to Verkada Command. Select your region and the Intercom product type to run the check.
The following endpoints must be allowed on your network for the test to work:
speed.cloudflare.com
network-tester.support.verkada.com
Revisions
September 2024:
Added LiveKit endpoints for high-quality video and audio streams.
Need more help? Contact Verkada Support.