We've Moved! Please visit our new and improved forum over at our new portal: https://portal.plumvoice.com/hc/en-us/community/topics

Firewall specs

Questions and answers about IVR programming for Plum DEV

Moderators: admin, support

Post Reply
mamacdonald
Posts: 4
Joined: Sun Aug 14, 2016 10:26 am

Firewall specs

Post by mamacdonald »

Hi,
I'm working with my security engineer trying to setup a port for the plum voice app to reach my url. Do you have specific firewall specs that he would need to follow?
Or is there someone specific he can work with to get this up and running?

Thanks,
Mary

support
Posts: 3632
Joined: Mon Jun 02, 2003 3:47 pm
Location: Boston, MA
Contact:

Re: Firewall specs

Post by support »

Hi Mary,

As long as your application is publicly accessible over the internet the platform will be able to fetch it on any port. For instance, if you set up your app at: http://example.com:8080/start.php, the platform will attempt to fetch that script on your web server on port 8080. The one thing that platform does require is that each script always returns valid vxml, as it is a vxml interpreter after-all. Hopefully that helps answer your question, but please let us know if you have any additional questions.

Regards,
Plum Support

mamacdonald
Posts: 4
Joined: Sun Aug 14, 2016 10:26 am

Re: Firewall specs

Post by mamacdonald »

My app is not publicly accessible over the internet. My security engineer needs to setup external access. Do have specific IP addresses that replys will come from?
VXML is the only format that is recognized?

support
Posts: 3632
Joined: Mon Jun 02, 2003 3:47 pm
Location: Boston, MA
Contact:

Re: Firewall specs

Post by support »

Hi Mary,

You should whitelist the following subnet range to allow for requests from our systems: 69.25.74.64/26. To clarify, your scripts can be written in any language, they just need to present valid xml or vxml responses in order for the platform to interpret them and present them to the caller in your application.

Regards,
Plum Support

mamacdonald
Posts: 4
Joined: Sun Aug 14, 2016 10:26 am

Re: Firewall specs

Post by mamacdonald »

My firewall engineer has whitelisted the proper addresses. Now through the developement test environment I am unable to ping my IP, and am unable to fetch my xml file through the URL it timeout's. What else am I missing to set this up properly?
Should the DEV environment work once the IP's you specified are whitelisted?

support
Posts: 3632
Joined: Mon Jun 02, 2003 3:47 pm
Location: Boston, MA
Contact:

Re: Firewall specs

Post by support »

Hi Mary,

If you could give us some more details about how you are testing your environment we might be able to further assist you. Have you attempted to call in? Our IVRs are located in the 69.25.74.64/26 subnet, so the requests should make it to your application since your firewall engineer whitelisted the subnet.

If you are attempting to test in other ways, those requests may not be coming from our 69.25.74.64/26 subnet.

Regards,
Plum Support

mamacdonald
Posts: 4
Joined: Sun Aug 14, 2016 10:26 am

Re: Firewall specs

Post by mamacdonald »

Yes, I attempted to call in and got nothing. When I look at the logs it says Unable to fetch file, timeout. So I went to try the network tool and ping my IP and it was unable to reach the IP. How else can I test my environment?

support
Posts: 3632
Joined: Mon Jun 02, 2003 3:47 pm
Location: Boston, MA
Contact:

Re: Firewall specs

Post by support »

Hi,

Would you please send us a PM with the start URL that your application is located at? We need that to attempt further tests.

Requests from our website come from a different subnet than requests from our IVR systems. When you call in, requests to your application will come from the 69.25.74.64/26 subnet. Website requests will come from the 63.251.132.32/27 subnet. Since you have only allowed access from 69.25.74.64/26, calls should work while requests from our website will not.

Regards,
Plum Support

support
Posts: 3632
Joined: Mon Jun 02, 2003 3:47 pm
Location: Boston, MA
Contact:

Re: Firewall specs

Post by support »

Hi,

Thank you for sending that to us. We have manually tested that URL and found that we cannot reach your application server from any of our production IVR systems. When we attempt to fetch the URL, it will ultimately time out:

curl -vvv http://XXX.XX.XX.XXX:80/interpreter_voice.xml
* Trying XXX.XX.XX.XXX...
* connect to XXX.XX.XX.XXX port 80 failed: Connection timed out
* Failed to connect to XXX.XX.XX.XXX port 80: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to XXX.XX.XX.XXX port 80: Connection timed out

Both ping and traceroute fail as well:

traceroute to XXX.XX.XX.XXX (XXX.XX.XX.XXX), 30 hops max, 40 byte packets
1 somrtrc01.plumgroup.com (69.25.74.66) 0.342 ms 0.379 ms 0.425 ms
2 somfwlc01-peer.plumgroup.com (69.25.77.66) 1.628 ms 1.619 ms 1.817 ms
3 border7.ge10-23.plumgroup-11.bsn.pnap.net (66.150.201.244) 1.015 ms 1.220 ms 1.341 ms
4 core1.te6-1-bbnet1.bsn.pnap.net (63.251.128.1) 1.431 ms 1.434 ms 1.432 ms
5 bbr1.xe-0-2-0.inapvox-32.bsn.pnap.net (64.95.158.66) 1.185 ms 1.291 ms 1.291 ms
6 * * *
7 lightower-fiber-networks.10gigabitethernet15-8.core1.bos1.he.net (216.66.32.6) 0.921 ms 0.914 ms 0.905 ms
8 ae12-bstpmallj91.lightower.net (64.72.64.112) 1.011 ms 1.015 ms 1.119 ms
9 ae8-mrbomasmj92.lightower.net (104.207.214.123) 2.501 ms 2.501 ms 2.507 ms
10 ae8-bstnmablj41.lightower.net (104.207.214.92) 3.259 ms 3.400 ms 29.012 ms
11 xe-0-0-0-bdfrmaamj81.lightower.net (72.22.160.91) 3.988 ms 3.257 ms 3.250 ms
12 199.102.118.170.lightower.net (199.102.118.170) 3.505 ms 3.420 ms 3.525 ms
13 * * *
14 * * *
...
29 * * *
30 * * *

PING XXX.XX.XX.XXX (XXX.XX.XX.XXX) 56(84) bytes of data.

--- XXX.XX.XX.XXX ping statistics ---
148 packets transmitted, 0 received, 100% packet loss, time 147011ms

All of these tests came from the subnet 69.25.74.64/26.

Regards,
Plum Support

Post Reply