These are all outbound 8801 connections? We don't block outbound, but we do block inbound, and our firewall is blocking a number on port 8801. Zoom's Firewall article https://support.zoom.us/hc/en-us/articles/201362683 only shows outbound as being required, but the inbound traffic is puzzling.
John Rodkey Director of Servers and Networks Westmont College Verification: Unsure if this is a legitimate email to an email list? Make sure it is recorded at https://my.westmont.edu/it_emails "*God-fearing faith... is neither brash nor foolhardy and does not tempt God."* - Martin Luther On Fri, Feb 12, 2021 at 8:54 AM Hales, David <dha...@tntech.edu> wrote: > Zoom starts out trying UDP/8801, then if that fails goes to TCP/8801. > Then if that fails it runs SSL on TCP/443. Then if that fails the user has > to use the web client over http/https. You can find the networks needed in > an automatically updated text list format for linking to dynamic firewall > rules at the follow URLs: > > > > https://assets.zoom.us/docs/ipranges/ZoomMeetings.txt > > https://assets.zoom.us/docs/ipranges/Zoom.txt > > > > That being said, this fallback process is at call setup. Once the call is > up and running, if you’re seeing client association issues, then the Zoom > disconnects or hangs that follow those are just symptoms of whatever is > causing the wireless issues between the client and the AP. > > > > *David Hales* > > *Network Systems Administrator* > > > > Information Technology Services > > Tennessee Tech University > > 1010 N. Peachtree Av., CLEM117 > > Cookeville, TN 38505 > > *P:* 931-372-3983 > > *E: *dha...@tntech.edu > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Sullivan, Don > *Sent:* Friday, February 12, 2021 10:01 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues > > > > *External Email Warning* > > *This email originated from outside the university. Please use caution > when opening attachments, clicking links, or responding to requests.* > ------------------------------ > > Ok, I’m going to throw something out there that may sound stupid, but I am > ok with appearing stupid. When a client initiates a zoom call is that done > via UDP or TCP? If it is done via UDP, can the session fail over to using > TCP SSL connectivity in the middle of the call? Can that in turn create a > situation where the wireless session disassociates and then tries to > reassociate? I ask these questions because when I have been looking at > drops during a Zoom call I have been seeing the wireless client > disassociating and re associating at the same time the Zoom dashboard says > the client lost their network connection. Those of you using Voyance (ENI) > will see it in the time line as a “bad roam”. I am wondering if I am seeing > a wireless network issue or is it a client and/or Zoom issue. I have seen > it on both Windows and Macs. Just wondering if this is a one off or > consistent with what others are seeing. > > > > *Don Sullivan* > > *Network Administrator* > > *Technology Services* > > > > 205-726-2111 <+1205-726-2111> | office > > dsulli...@samford.edu > > LinkedIn > <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Flinkedin.com%2Fin%2Fdonaldasullivan&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856917823%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=l9y2yWdXgafEV3Mv5agMLCQW4b9EhWXX64vgXesEzzY%3D&reserved=0> > > www.samford.edu > <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.samford.edu%2F&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856927814%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qwWHuNk%2BydBuxM%2FLl2Ko%2FU6gFKLsqzuEFE8sXsuKz%2FA%3D&reserved=0> > > 800 Lakeshore Drive > Birmingham, AL 35229 > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmaps.google.com%2Fmaps%3Fq%3D800%2BLakeshore%2BDrive%2C%2BBirmingham%2C%2BAL%2B35229%2C%2BUS&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856927814%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=KWFea%2FK%2FVhOAyGZIVmC1wtw0CyXZ7Q%2BWGMD0tDhNlTM%3D&reserved=0> > > > > [image: Samford Samford University Logo] > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Hales, David > *Sent:* Friday, February 12, 2021 09:21 > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* [EXTERNAL]Re: [WIRELESS-LAN] Macbook zoom wireless dropout > issues > > > > I was just following this thread along until a ticket dropped in my lap > this morning with a large Zoom session that apparently was cratering all > over the place. After reviewing the connection report from Zoom for the > session in question, there’s a pretty strong correlation between clients > connecting over SSL having very absurdly high latency and jitter as opposed > to clients connecting via UDP. There were a handful of folks in the > session off campus and those running SSL had the same problems. > > > > Of course, there were far fewer off campus folks running SSL type > connections since most home routers let just about anything go outbound. > If this ends up being a cause of major issues, then folks switching to > hotspots will indeed feel like that solved their problems in many cases, > causing them to further curse the “crappy campus network”. ☹ > > > > Zoom uses a fallback to TCP/443 SSL connectivity when it can’t get through > on its default UDP port (8801) or TCP port (8801). I’m starting to suspect > that the SSL fallback might have some significant issues and am going to > investigate allowing the UDP connections through our firewalls for Zoom > sessions. I’d be curious to see if any of the other folks getting big > spikes of Zoom complaints could provide further corroboration for this > theory? > > > > *David Hales* > > *Network Systems Administrator* > > > > Information Technology Services > > Tennessee Tech University > > 1010 N. Peachtree Av., CLEM117 > > Cookeville, TN 38505 > > *P:* 931-372-3983 > > *E: *dha...@tntech.edu > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Lee H Badman > *Sent:* Friday, February 12, 2021 9:00 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues > > > > *External Email Warning* > > *This email originated from outside the university. Please use caution > when opening attachments, clicking links, or responding to requests.* > ------------------------------ > > The by-product? “The campus network sucks. I’m using my hotspot…” let the > fun begin. > > > > *Lee Badman* | Network Architect (CWNE#200) > > Information Technology Services > (NDD Group) > 206 Machinery Hall > 120 Smith Drive > Syracuse, New York 13244 > > *t* 315.443.3003 * e* lhbad...@syr.edu *w* its.syr.edu > > Campus Wireless Policy: > https://answers.syr.edu/display/network/Wireless+Network+and+Systems > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fanswers.syr.edu%2Fdisplay%2Fnetwork%2FWireless%2BNetwork%2Band%2BSystems&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856937806%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=mUpcUOKP9GDYTC91ye50rgETqwRtNb7ys5Orkqfsc4g%3D&reserved=0> > > *SYRACUSE UNIVERSITY* > syr.edu > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Ian Lyons > *Sent:* Friday, February 12, 2021 9:54 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues > > > > We had a huge upswell of Mac users not being able to connect and the > newest OS was at fault. Older macs further away...no issues. Mac's with new > OS right under an AP... couldnt connect reliably, huge CPU spikes and or > crappy wifi. > > > > Ahh, I love Apple. > > > > But yeah, in this instance, dont discount the OS. > > > > Ian > > > > Cheers > > Ian J Lyons > > Network Architect - Rollins College > > 401.413.1661 Cell > > 407.628.6396 Desk > > > > > > > ------------------------------ > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Julian Y Koh < > kohs...@northwestern.edu> > *Sent:* Friday, February 12, 2021 9:35 > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> > *Subject:* Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues > > > > * External Email * > > > > > > > > On Feb 12, 2021, at 07:56, Sidharth Nandury <nandu...@denison.edu> wrote: > > > > We are an Aruba shop at Denison University and have received reports of > issues on Zoom and Google Meet as well mostly on Mac OS. Looking into the > Zoom dashboard statistics of some of these calls we are seeing the "Max > Loss" percentage go up to 99% frequently and back down to 2-6 % on wireless > when there are no issues. We can generally co-relate this to higher ping > responses. I would also love to what other Universities are doing to look > at this. > > > > This thread reminded me of a recent on on the NANOG mailing list about > Macs and wireless issues. Go to > https://mailman.nanog.org/pipermail/nanog/2020-October/thread.html > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailman.nanog.org%2Fpipermail%2Fnanog%2F2020-October%2Fthread.html&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856937806%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WoQg5XHT%2FahMkLuT9imrXZWRfVRBG3XPZiuz%2B6oz4sY%3D&reserved=0> > and > look at the thread titled "Apple Catalina Appears to Introduce Massive > Jitter”. I can’t remember all of the details but the tl;dr summary that I > remember involved some interaction between Bluetooth, possibly Location > Services, and Wi-Fi. > > > > > > -- > Julian Y. Koh > Associate Director, Telecommunications and Network Services > Northwestern Information Technology > > 2020 Ridge Avenue #331 > Evanston, IL 60208 > +1-847-467-5780 > Northwestern IT Web Site: <http://www.it.northwestern.edu/ > <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.it.northwestern.edu%2F&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856947806%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RgBW5uplTqqi410Z%2F6BD1d2kfRtQpAa9GrpEHnWgqqY%3D&reserved=0> > > > PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbt.ittns.northwestern.edu%2Fjulian%2Fpgppubkey.html&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856957801%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=HdTMd%2FsGYHFcokHSQeNVIKoByslPlKLBhKOX2hP8Ib0%3D&reserved=0> > > > > > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856957801%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=n31PH0K32ACgQzh2OvrY2Dv6QCoV4YxHiK%2FlxrM8Hh0%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856967793%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=D72I79h%2FYEIDT70n1aEPV9U2%2B9YO%2B%2BJwyPXuVc%2BrMSw%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856967793%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=D72I79h%2FYEIDT70n1aEPV9U2%2B9YO%2B%2BJwyPXuVc%2BrMSw%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecure-web.cisco.com%2F1A_43nwTLPv7jOgd4yq_wt9IcpuOi-2wQBeLZs7vF7TsQYFvwumT-VBfBUB7y8t4yeGvDCM6v4rJ-c5N6AmwjhyhtZF-ujQgZdX4tTr5Ya_edvx-_SXdOhTI8wFKqRAARjq6yYTvKUm4df9YNtQQS1btjvO-MdBcYoaNyju8HuGiq_H881p9KGT9bwNFxyveYiRy6VtSovkTqhvzQCZKLrrA_XDj_1e6NENYNl8Am-GrFinbtNtyciRcWQdZogq5-l4wREKJTgM4Kbw7Hg0WvrcKLwwCVnWc-j85FM-4JwpxSoFOG5Ct4LQ-i3iVNHPfV%2Fhttps%253A%252F%252Fwww.educause.edu%252Fcommunity&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856977788%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=OlidTJlc%2BjIkqG3BhEnUQeAAefNx6KEQZB7r0eFt%2Bj8%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856977788%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=wam4GzFUUZogzf%2BtcWg%2Bez7sUpHq5O39M3ZlunDBcjk%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
