Firewall, Proxy and Content Filter Configurations
Configure your Firewall and proxy settings to allow Cloud Cover Music to stream over your network.
Patricia Rains avatar
Written by Patricia Rains
Updated over a week ago

Network Security - explicitly allowing services

Some networks have security restrictions on outbound (egress) internet traffic using firewalls, proxy servers or switches.  In this case, the firewall or proxy server will need to be configured to explicitly allow the streaming devices on the network to access the following Cloud Cover Music and Amazon Web Service hostnames/domains on port 443 only (TLS 1.2):

Note: allowing the wildcards for * and * saves adding separate entries if compliant with company security policies. 


  • The CloudBox also needs to connect to an NTP server on port 123 to get the time and date, which is used for the certificate to verify and connect over https.

  • Depending on the generation (model) of the CloudBox, it will require either on port 123UDP or from a NTP pool (multiple NTP sources). Our latest models (G9CX10 and above) of the Cloudbox use CloudBox models G9CX9 and below use source from If you have any questions support can confirm the specific NTP based on the generation of the CloudBox.

Mac Address

  • The CloudBox’s MAC address may also need to be specifically listed as a device to be allowed. The unique Ethernet MAC address is labeled on the Box, and will resemble C4:4E:63:1C:AE:38. The CloudBox will need to be power cycled before the new 'allow' settings are applied.

Content Filters

  • If your firewall/proxy or endpoints have content filters installed, the following audio file types need to be allowed: OGG, MP4 (AAC Codec) and MP3

Bandwidth Requirements

  • Cloud Cover Music uses roughly 1.5GB - 2GB a day (24 hours) per streaming device. In order to stream music consistently and without interruption, you should dedicate at least 384 Kbps in bandwidth.

Did this answer your question?