Please allow *.whispersystems.org, TCP ports 80, 8443, 4433, 443, and 31337, and all UDP. If you have a transparent or reverse proxy it needs to support WebSockets.
Signal uses a non-standard TCP port to catch filtering issues at the signaling step and a random UDP port. All UDP ports will need to be opened. The underlying IPs are constantly changing, so it'd be hard to define accurate firewall rules.
How to know if you need to check your network or firewall settings:
- You have Google Play Services working and can not register for Signal Android
- You do not see a QR code to scan when linking with Signal Desktop
- Your contact's ports are blocked if
- You place a call to your contact
- It rings on his/her end
- When they answer the call is never connected
- You called him/her
- The call never rings on your contacts side