diff --git a/fern/call-forwarding.mdx b/fern/call-forwarding.mdx
index e607e841e..81415760a 100644
--- a/fern/call-forwarding.mdx
+++ b/fern/call-forwarding.mdx
@@ -488,3 +488,16 @@ For use cases requiring AI-managed transfers, Vapi supports using assistants to
   - Use `"transcript"` for the fastest transfer processing with lowest latency
   - Use `"audio"` (default) for comprehensive machine detection including beep detection and other audio cues
 - For more details about transfer plans and configuration options, please refer to the [transferCall API documentation](/api-reference/tools/create#request.body.transferCall.destinations.number.transferPlan)
+
+## SIP transfer IP whitelisting
+
+When you transfer calls to a SIP endpoint using the `transferCall` tool with a `"type": "sip"` destination, the SIP `INVITE` originates from Vapi's static SIP signalling IP addresses. If the receiving SIP trunk requires IP whitelisting, add both addresses to your allowlist:
+
+- `44.229.228.186`
+- `44.238.177.138`
+
+These are the same IPs used for all Vapi SIP signalling on ports `5060` (UDP) and `5061` (TLS).
+
+<Tip>
+For the complete networking reference including RTP port ranges and firewall rules, see [SIP networking and firewall configuration](/advanced/sip/sip-networking).
+</Tip>
diff --git a/fern/calls/call-dynamic-transfers.mdx b/fern/calls/call-dynamic-transfers.mdx
index 15e62661c..388faabbf 100644
--- a/fern/calls/call-dynamic-transfers.mdx
+++ b/fern/calls/call-dynamic-transfers.mdx
@@ -452,7 +452,7 @@ sequenceDiagram
 
     <Note>
     **SIP transfers:** To transfer to a SIP endpoint, use `"type": "sip"` with `"sipUri"` instead:
-    
+
     ```json
     {
       "type": "transfer",
@@ -463,6 +463,8 @@ sequenceDiagram
       "content": "Transferring your call now."
     }
     ```
+
+    If the receiving SIP trunk requires IP whitelisting, allowlist Vapi's static SIP signalling IPs: `44.229.228.186` and `44.238.177.138`. See [SIP networking and firewall configuration](/advanced/sip/sip-networking) for the full reference.
     </Note>
   </Step>
 
diff --git a/fern/security-and-privacy/static-ip-addresses.mdx b/fern/security-and-privacy/static-ip-addresses.mdx
index 16731e5ce..cdd0d5c03 100644
--- a/fern/security-and-privacy/static-ip-addresses.mdx
+++ b/fern/security-and-privacy/static-ip-addresses.mdx
@@ -1,13 +1,18 @@
 ---
 title: Static IP addresses
-subtitle: Whitelist Vapi IP addresses 
+subtitle: Whitelist Vapi IP addresses
 slug: security-and-privacy/static-ip-addresses
 ---
 
 
 ## Introduction to Vapi static IP addresses
 
-Vapi supports static IP addresses for outbound HTTP requests. When enabled, all HTTP requests from Vapi to your server will originate from a fixed set of IP addresses, allowing you to configure strict firewall rules and network security policies.
+Vapi uses static IP addresses for two categories of traffic:
+
+- **HTTP webhook requests** -- Outbound HTTP requests from Vapi to your server (must be enabled per server object).
+- **SIP signalling** -- All SIP `INVITE`, `REGISTER`, `BYE`, and other signalling messages, including SIP transfers. These IPs are always static and do not require any opt-in.
+
+Static IPs allow you to configure strict firewall rules and network security policies for both webhook and SIP traffic.
 
 ## Why use static IP addresses
 
@@ -18,17 +23,17 @@ Static IP addresses provide an additional layer of security for your infrastruct
 - **Meet compliance requirements** - Satisfy security policies that mandate IP whitelisting
 - **Audit traffic sources** - Verify that requests are genuinely from Vapi's infrastructure
 
-## Vapi's static IP addresses
+## HTTP webhook static IP addresses
 
 When static IP addressing is enabled, all webhook requests from Vapi will originate from the following CIDR block:
 
 - `167.150.224.0/23`
 
-## Enabling static IP addresses
+### Enabling HTTP static IP addresses
 
-You can enable static IP addressing through the server object
+You can enable static IP addressing through the server object.
 
-### Example
+#### Example
 
 ```json
 {
@@ -41,6 +46,32 @@ You can enable static IP addressing through the server object
 Always test static IP configuration in a staging environment before deploying to production to avoid service disruptions.
 </Warning>
 
+## SIP traffic static IP addresses
+
+Vapi uses the following static IP addresses for all SIP signalling traffic, including SIP transfers initiated by the `transferCall` tool. These IPs are always active and do not require any configuration to enable.
+
+| IP address | Port | Protocol |
+| --- | --- | --- |
+| `44.229.228.186` | `5060` (UDP) / `5061` (TLS) | SIP signalling |
+| `44.238.177.138` | `5060` (UDP) / `5061` (TLS) | SIP signalling |
+
+You can also use the DNS hostname `sip.vapi.ai`, which resolves to both addresses.
+
+### When to use these IPs
+
+Allowlist both IP addresses if you:
+
+- **Receive SIP transfers from Vapi** -- When your Vapi assistant transfers calls to a SIP endpoint using the `transferCall` tool, the SIP `INVITE` originates from one of these addresses. Your receiving SIP trunk must allowlist them.
+- **Integrate a SIP trunk with Vapi** -- Your SIP provider's firewall must permit signalling traffic from these addresses for both inbound and outbound calls.
+
+<Warning>
+Both IP addresses must be allowlisted. Vapi may use either address for any given call. Missing one can cause intermittent call failures or rejected transfers.
+</Warning>
+
+<Note>
+RTP media (voice audio) does **not** use static IPs. For the complete networking reference including RTP port ranges and firewall rules, see [SIP networking and firewall configuration](/advanced/sip/sip-networking).
+</Note>
+
 ## Need help?
 
-If you have questions about static IP addressing, contact our support team at support@vapi.ai. 
\ No newline at end of file
+If you have questions about static IP addressing, contact our support team at support@vapi.ai.
\ No newline at end of file