Whitelist Zero Touch Provisioning Services for Obihai and Poly Devices

Updated: 03/25/2024

Objective

Whitelisting ZTP services for Obihai and Poly devices.

Applies To

  • Obihai ATA Adapters
  • Poly Phones firmware 5.8+

Procedure

Note: This list of subnets is not owned or maintained by 8x8, and is subject to change without notice. Links are provided at the bottom of this document to the Source documentation from Poly.
  1. Add the PDMS, formerly Obitalk, IPs, and Ports, to the firewall whitelist.
  2. If your firewall requires it, whitelist trusted hosts from the second table below.

PDMS-SP Trusted IP Addresses

Trusted IP Address UDP/TCP TLS
54.241.160.4 (Root node server)
10000 to 20000
TCP: 6800
443
13.52.69.0 10000 to 20000 443
13.56.185.145 10000 to 20000 443
13.57.121.193 10000 to 20000 443
54.241.91.173 10000 to 20000 443
54.241.163.234 10000 to 20000 443
54.67.107.54 10000 to 20000 443
54.67.113.163 10000 to 20000 443
54.219.101.213 10000 to 20000 443
52.52.249.241 10000 to 20000 443
52.53.96.55 10000 to 20000 443
52.9.223.41 10000 to 20000 443
52.9.225.203 10000 to 20000 443
185.59.222.184 10000 to 20000 443
185.59.222.185 10000 to 20000 443
185.59.222.186 10000 to 20000 443
185.93.0.141 10000 to 20000 443
185.93.0.155 10000 to 20000 443

PDMS-SP Provisioning Trusted Hosts

Trusted Host IP Address Protocol(s) UCS Description
www.obitalk.com 52.9.172.78
HTTP
HTTPS
N Essential functions for cloud troubleshooting and general connectivity features, including capturing remote syslogs and PCAPs.
www1.obitalk.com 54.183.147.237
HTTP
HTTPS
Y Essential functions for cloud troubleshooting and general connectivity features, including capturing remote syslogs and PCAPs.
pgs.obitalk.com 54.67.27.166 HTTPS N Enables devices to send local configuration data to the host when the administrator of the services checks a device’s local configuration from the PDMS-SP portal.
prov.obitalk.com 54.193.112.156
HTTP
HTTPS
Y Enables Zero-Touch customization for device onboarding. Also used for upgrading firmware for OBi devices using the ITSP portal Firmware drop-down menu.
devpfs.obitalk.com 52.53.103.203 HTTPS N Used for device profiles as part of ZT customization to match the phone ID with the cloud.
api.obitalk.com 52.52.91.236
HTTP
HTTPS
N/A Enables you to access APIs from your computer or the app that manages PDMS-SP without adding addresses to the allow list on the device’s network.
fw.obitalk.com 54.241.157.146
HTTP
HTTPS
N/A Enables you to download firmware from the website. This is optional but future-proof.
fw.obihai.com 52.8.107.151 HTTP N Enables you to download firmware from the list in the PDMS-SP ITSP portal.
ucsprov.obitalk.com 13.52.127.178 HTTPS Y Enables you to provision ZT profiles as part of the claim device feature for UCS.
services.obitalk.com 54.241.157.146 HTTPS N Enables the device to send required data to perform PDMS-SP services like Syslog and PCAP.

Claim Device Requirements for UCS

PDMS-SP supports claiming UCS-based endpoints. The service still uses Poly ZTP, so you must add the IP addresses to an allow list for the service to function properly.
Note: All IP addresses are static.
ZTP FQDN IP Address
ztp.Poly.com
3.219.214.168
18.235.37.112
ztp.polycom.com (Recommended) See Poly-Provided Documentation.

Additional Information

Obihai adapters and Poly phones on 5.8+ firmware must communicate with the PDMS system before they can be provisioned or come online with 8x8 service. These servers are used for ZTP (Zero Touch Provisioning). For more information, see: