Doxy.me sends all traffic over port 443 via HTTPS.  Our audio/video capabilities will use other ports if they are available for an optimal experience but the service ultimately degrades gracefully to send everything over TCP on 443.

The most common issue experienced by customers of our service in corporate environments is firewall software blocking video traffic.  If the website renders but you cannot send and receive video and audio, try the service on an unrestricted network to verify that computer's camera/microphone are not the issue.

If you are in a hospital or clinic with a network firewall it's possible it is blocking access to websites or ports used by Doxy.me to make a successful call. Ask your IT staff to 'whitelist' the following:

Minimum Requirements
Open TCP port 443 for traffic to: 

  • doxy.me
  • *.doxy.me
  • *.opentok.com 
  • *.tokbox.com.
  • *.pubnub.com
  • pndsn.com
  • *.xirsys.com
  • xirsys.com

We maintain BAAs with all vendors that help us maintain our service. You can read more about these services and how Doxy.me uses them here.

Better Experience
Along with the minimum requirements, opening UDP Port 3478 will give you a better experience. UDP is highly recommended over TCP for better quality audio and video. The protocol favors timeliness over reliability which is consistent with the human perceptive preferences; where we can fill in gaps but are sensitive to time-based delays.

This port only accepts inbound traffic after an outbound request is sent. The connection is bidirectional but is always initiated from the corporate network/client so it is not possible for an external entity to send malicious traffic in the opposite direction.

Best Experience
For the best possible experience, we recommend opening UDP ports 1025 - 65535 for *.opentok.com and *.tokbox.com, *.xirsys.com and xirsys.com


Dynamic Subdomains
We do not provide IP ranges for these servers as they distributed globally for higher quality and are constantly updated and expanded.  

Similarly, specific domains (rather than wildcard domains) cannot be listed because those servers are specified by geographical area (eg mantis009-sjc.tokbox.com for server #9 in the San Jose region).

If you are still having issues after trying these steps, contact our support team

Did this answer your question?