What domain names and ports does Wire connect to?

  • Updated

General

In order to work well, Wire needs to have access to the following domain names:

wire.com, www.wire.com, prod-nginz-https.wire.com, prod-nginz-ssl.wire.com, prod-assets.wire.com, wire-app.wire.com, clientblacklist.wire.com

Wire uses load balancers that return dynamic IP addresses for these domain names, which means that potential whitelisting has to be based on domain names rather than IP addresses. All of these domain names need to be reachable on TCP port 443.

Calling

If IP-to-IP connections are not possible, Wire uses TURN servers to relay calls. The list of TURN servers can be obtained by looking up the SRV record of the domain name _turn._udp.prod.wire.com.
Currently the TURN servers are:

turn01.de.prod.wire.com, turn02.de.prod.wire.com, turn03.de.prod.wire.com, turn04.de.prod.wire.com

TURN servers need to be reachable on all UDP ports for highest reliability. Should that not be possible, TURN servers will be contacted on port 3478 via TCP or port 5349 via TLS. For a more robust calling experience, outbound UDP connections to all IP addresses should be allowed.

Some firewalls may require enabling of WebRTC and SRTP Audio/Video protocols in the application control.

Other

Additionally Wire might connect to other domain names, for example when link previews are generated, or when media like YouTube, Vimeo, SoundCloud, etc. are shared.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.