Network Security - explicitly allowing services
Some networks have security restrictions on outbound (egress) internet traffic using firewalls, proxy servers or switches. In this case, the firewall or proxy server will need to be configured to explicitly allow the streaming devices on the network to access the following Pandora CloudCover and Amazon Web Service hostnames/domains on port 443 only (TLS 1.2, TLS 1.3):
Note: allowing the wildcards saves adding separate entries if compliant with company security policies.
Add these for our Pandora Radio Functionality
NTP
time.cloudcovermusic.com on port 123UDP
CloudBox's (Models G9Y4, and G9CX10 to G9CX21)
pool.ntp.org on port 123UDP
Only older model CloudBox's (Models G9CX9 and below)
The CloudBox needs to connect to an NTP server on port 123 to get the time and date, which is used for the certificate to verify and connect over https.
If you have any questions support can confirm the specific NTP based on the generation of the CloudBox.
DNS
Port 853 for DNS over TLS
Mac Address
The CloudBox’s MAC address may also need to be specifically listed as a device to be allowed. The unique Ethernet MAC address is labeled on the Box, and will resemble C4:4E:63:1C:AE:38. The CloudBox will need to be power cycled before the new 'allow' settings are applied.
Content Filters
If your firewall/proxy or endpoints have content filters installed, the following audio file types need to be allowed: OGG, MP4 (AAC Codec) and MP3
Bandwidth Requirements
Pandora CloudCover uses roughly 1.5GB - 2GB a day (24 hours) per streaming device. In order to stream music consistently and without interruption, you should dedicate at least 384 Kbps in bandwidth, but 1.5Mbps is recommended.
Troubleshooting Network Issues?
If you encounter network-related problems while using our service, consult our Network Configuration Tests guide for assistance
Are you wondering about device compatibility? You can find detailed information in our guide: Supported Devices - System Requirements.