Verkada devices need to communicate with Verkada Command in AWS GovCloud via their local network. In most cases, minimal updates to your network settings are needed. Additional configuration may be required for complex or highly secure networks.
See Required Network Settings for more information on the required network settings for other Verkada product lines.
Compatibility
Verkada devices are incompatible with local area networks (LANs) that require proxy servers or Secure Socket Layer (SSL)/Transport Layer Security (TLS) inspection. If either is in use, a bypass for all Verkada devices must be implemented for your Verkada devices to communicate with Verkada Command.
IP address
Verkada devices must be assigned an IPv4 address to communicate on the LAN and to Verkada Command through the internet. By default, all Verkada devices use Dynamic Host Configuration Protocol (DHCP) and User Datagram Protocol (UDP) to obtain their IP addresses and network configurations.
If you require your device to have a specific IP address, create a DHCP reservation using the device’s Media Access Control (MAC) address (found on the device's label). You can also set up static IP addresses in Command for cameras.
Verkada devices may utilize path MTU discovery to determine the maximum transmission unit of the network path. Therefore, it is necessary to permit ICMP Fragmentation Needed (Type 3, Code 4) and ICMPv6 Packet Too Big (Type 2) packets. Ensure your firewall(s) are configured to permit this in the return path to your Verkada devices.
Domain Name System
Verkada devices use the Domain Name System (DNS) server to resolve Verkada’s fully qualified domain names (FQDN) to IP addresses to communicate with them. Your DHCP server tells the Verkada device where the DNS server is on the network, and the device communicates using UDP port 53.
DNS over HTTPS (DoH) is not currently supported.
Power
Most Verkada devices are powered through Power over Ethernet (PoE). You can use the product datasheets to figure out the power requirements for your Verkada devices.
These are the most common power requirements:
IEE 802.3af, Type 1 PoE
IEEE 802.3at, Type 2 PoE+
IEEE 802.3bt, Type 3 PoE++
Camera firewall settings
Verkada cameras require access to many endpoints to ensure they can communicate with Command and all features will be accessible.
Region: United States Gov
api.global-prod.control.verkada.com (HTTPS/443)
44.229.19.56/32
54.200.195.106/32
54.69.85.201/32
update.control.verkada.com (HTTPS/443)
NTP: returned by DHCP client, if not provided, falls back to time.nist.gov (UDP/123)
Local streaming: *:4100 on LAN (HTTPS/443)
RTSP: *:8554 on LAN
kinesisvideo.us-gov-west-1.amazonaws.com (HTTPS/443)
*.us-gov-west-1.compute.amazonaws.com (HTTPS/443)
*.us-gov-west-1.compute.amazonaws.com (UDP/1024-65535)
s3.us-gov-west-1.amazonaws.com (HTTPS/443)
108.175.56.0/22
136.18.0.0/23
108.175.48.0/22
15.200.176.128/28
15.200.28.240/28
verkada-firmware.s3.us-west-2.amazonaws.com (HTTPS/443)
3.5.76.0/22
18.34.244.0/22
18.34.48.0/20
3.5.80.0/21
52.218.128.0/17
52.92.128.0/17
35.80.36.208/28
35.80.36.224/28
api.prod-govus-pine.control.verkadagov.com (HTTPS/443)
3.32.137.127/32
3.31.127.57/32
3.30.93.146/32
api.control.verkada.com (HTTPS/443)
35.155.73.204/32
54.186.237.126/32
35.166.49.153/32
35.84.130.83/32
Need more help? Contact Verkada Support.