Firewall Settings

f you are running your OnSign TV players behind a firewall, it will be required to configure a few domains and ports, so the players can operate.

Please, make sure you build your Firewall rules using the domains listed below and NOT an IP-based whitelisting. We would like to reinforce this recommendation as:

 

OnSign Domains and Ports

HTTPS traffic (port 443)

  • *.onsign.tv
  • *.signagewidgets.net, signagewidgets.net
  • storage.googleapis.com

 HTTP traffic (port 80)

NTP traffic (port 123)

  • *.ntp.org

White Label Players 

If you are using a White Label, then you should:

  • add a rule with your custom domain instead of the *.onsign.tv
  • add your White Label server-specific URL (port 443). This is the URL used to configure the CNAME for your White Label URL. You can use this tool to find your CNAME setting in case you don’t remember it.

Here is an example of the additional rules required to be configured for the White Label app.123-signage.com in this case it is required to add these two rules:

  • app.123-signage.com (port 443)
  • app-r4zfwn.signagewidgets.net (443)

Hardware Specific Whitelisting

Depending on your hardware manufacturer it is required to whitelist additional domains as follows:

 

Samsung SSSP and Tizen Screens

  • *.samsungcloudsolution.com

LG webOS

  • lgtvonline.lge.com

BrightSign 

  • *.brightsignnetwork.com

 Testing your Firewall

Just use the actual player or connect a computer to the player network and open this URL in a browser to test your firewall rules.