Allow listing and Firewall Configuration for LogMeIn Products
If you or your company uses a firewall allowlist to restrict network access to only specific websites or software, then you can use the information below to ensure that your service can connect.
Ports
LogMeIn products are configured to work with the following ports:
Port | Purpose |
---|---|
Outbound TCP 443 | Required, used by all products |
Outbound TCP 80 | Recommended, used for in-session communication |
UDP 8200 | Recommended, used for integrated Voice over IP (VoIP) and in-session communication |
UDP 1853 | Recommended, used for integrated webcam video support |
TCP 1720TCP 3000-4000UDP 3000-4000 | Used for InRoom Link video conference systemsCan be closed when not using InRoom LinkAll GoToMeeting Telepresence Gateway IPs are listed below |
Inbound connections | Not required |
Domains
For most firewall or proxy systems, we recommend specifying an allowlist of DNS names for LogMeIn product services so that outbound connections can be made. The list of LogMeIn product domains currently includes (but is not limited to) the lists below.
Universally Required Allowlisting
Domain | Description/Purpose |
---|---|
api.filepicker.io | Third-party file-hosting serviceThis will soon change to *.filestackapi.com. |
*.cdngetgo.com | CDN used by multiple LogMeIn products |
*.clientstream.launchdarkly.com | Third-party feature testing service |
*.cloudfront.net | Third-party CDN |
*.expertcity.com | Corporate domain used by multiple LogMeIn products |
*.filestackapi.com | Third-party file-hosting service(NEW! FilePicker has changed their name) |
*.getgo.com | Product domain used by multiple LogMeIn products |
*.getgocdn.com | CDN used by multiple LogMeIn products |
*.getgoservices.com | Product domain used by multiple LogMeIn products |
*.getgoservices.net | Product domain used by multiple LogMeIn products |
*.goto-rtc.com | Real-time communication service used by multiple products |
*.launchdarkly.com | Third-party feature testing service |
*.logmein.com | Corporate domain used by multiple LogMeIn products |
*.logmeininc.com | Corporate domain used by multiple LogMeIn products |
*.logmein.eu | Corporate domain used by multiple LogMeIn products |
*.raas.io | Real-time communication service used by multiple LogMeIn products |
*accounts.logme.in | Corporate domain used by multiple LogMeIn products |
*.internap.net | Powers updates to multiple LogMeIn products |
*.internapcdn.net | Powers updates to multiple LogMeIn products |
Rescue
Rescue Domains |
---|
*.LogMeIn123.com |
*.123rescue.com |
*.support.me |
*.logmeinrescue.com |
*.logmeinrescue.eu |
*.logmeinrescue-enterprise.com (Powers account-specific Rescue features, not required for standard accounts) |
*.logmein-gateway.com |
Rescue Lens
Rescue Lens Domains |
---|
*.logmeinrescue.com |
*.logmeinrescue-enterprise.com (only required for Enterprise accounts) |
LogMeIn Pro & Central
LogMeIn Pro/Central Domains | Feature Supported |
---|---|
*.logmeinusercontent | For files stored and shared using the LogMeIn Pro Files feature |
*.browse.logmeinusercontent.com | For files stored and shared using the LogMeIn Pro Files feature |
lmi-antivirus-live.azureedge.net | For LogMeIn Central – Antivirus |
lmi-appupdates-live.azureedge.net | For LogMeIn Central – Application updates |
Important considerations for allowlisting by IP Ranges
It is recommended to use wildcard rules whenever possible while allowlisting or blocking any LogMeIn services on your network as sub-domains of the domains listed above are included. Also, the client-to-host connection uses peer-to-peer connections, encrypted within a 256-bit AES tunnel.
Use of IP ranges instead of domain names for the firewall configuration is discouraged unless absolutely necessary because our IP ranges and those of our provider networks need to be periodically audited and modified, creating additional maintenance for your network. These changes are necessary to continue to provide the maximum performance for our LogMeIn products. Maintenance and failover events within our infrastructure may cause you to connect to servers within any of the ranges.
If your firewall includes a content or application data scanning filter, this may cause a block or latency, which would be indicated in the log files for the filter. To address this problem, verify that the domains or IP ranges will not be scanned or filtered by specifying exception domains or IP ranges. If your security policy requires you to specify explicit domain or IP ranges, then configure your firewall exceptions for outbound TCP ports 8200, 443, and 80 as well as UDP ports 8200 and 1853 for the LogMeIn domains or IP ranges, including those of our third-party provider networks.
LogMeIn server / Data Center IP addresses for use in firewall configurations
Equivalent specifications in 3 common formats
Assigned Range by Block | Numeric IP Address Range | Netmask Notation | CIDR Notation |
---|---|---|---|
Block 1 | 216.115.208.0 – 216.115.223.255 | 216.115.208.0 255.255.240.0 | 216.115.208.0/20 |
Block 2 | 216.219.112.0 – 216.219.127.255 | 216.219.112.0 255.255.240.0 | 216.219.112.0/20 |
Block 3 | 67.217.64.0 – 67.217.95.255 | 67.217.64.0 255.255.224.0 | 67.217.64.0/19 |
Block 4 | 173.199.0.0 – 173.199.63.255 | 173.199.0.0 255.255.192.0 | 173.199.0.0/18 |
Block 5 | 206.183.100.0 – 206.183.103.255 | 206.183.100.0 255.255.252.0 | 206.183.100.0/22 |
Block 6 | 68.64.0.0 – 68.64.31.255 | 68.64.0.0 255.255.224.0 | 68.64.0.0/19 |
Block 7 | 23.239.224.0 – 12.239.255.255 | 23.239.224.0 255.255.224.0 | 23.239.224.0/19 |
Block 8 | 202.173.24.0 – 202.173.31.255 | 202.173.24.0 255.255.248.0 | 202.173.24.0/21 |
Block 9 | 78.108.112.0 – 78.108.127.255 | 78.108.112.0 255.255.240.0 | 78.108.112.0/20 |
Block 10 | 185.36.20.0 – 185.36.23.255 | 185.36.20.0 255.255.252.0 | 185.36.20.0/22 |
Block 11 | 188.66.40.0 – 188.66.47.255 | 188.66.40.0 255.255.248.0 | 188.66.40.0/21 |
Block 12 | 45.12.196.0 – 45.12.199.255 | 45.12.196.0 255.255.252.0 | 45.12.196.0/22 |
Block 13 | 162.250.60.0 – 162.250.63.255 | 162.250.60.0 255.255.252.0 | 162.250.60.0/22 |
Block 14 | 199.36.248.0 – 199.36.251.255 | 199.36.248.0 255.255.252.0 | 199.36.248.0/22 |
Block 15 | 199.87.120.0 – 199.87.123.255 | 199.87.120.0 255.255.252.0 | 199.87.120.0/22 |
Block 16 | 66.151.158.0 – 66.151.158.255 | 66.151.158.0 255.255.255.0 | 66.151.158.0/24 |
Block 17 | 66.151.150.160 – 66.151.150.191 | 66.151.150.160 255.255.255.224 | 66.151.150.160/27 |
Block 18 | 64.74.80.0 – 64.74.80.255 | 64.74.80.0 255.255.255.0 | 64.74.80.0/24 |
Block 19 | 103.15.16.0 – 103.15.19.255 | 103.15.16.0 255.255.252.0 | 103.15.16.0/22 |
Block 20 | 64.74.17.0 – 64.74.17.255 | 64.74.17.0 255.255.255.0 | 64.74.17.0/24 |
Block 21 | 64.74.18.0 – 64.74.19.255 | 64.74.18.0 255.255.254.0 | 64.74.18.0/23 |
Block 22 | 64.74.103.0 – 64.74.103.255 | 64.74.103.0 255.255.255.0 | 64.74.103.0/24 |
Block 23 | 64.94.18.0 – 64.94.18.255 | 64.94.18.0 255.255.255.0 | 64.94.18.0/24 |
Block 24 | 64.94.46.0 – 64.94.47.255 | 64.94.46.0 255.255.254.0 | 64.94.46.0/23 |
Block 25 | 64.95.128.0 – 64.95.129.255 | 64.95.128.0 255.255.254.0 | 64.95.128.0/23 |
Block 26 | 66.150.108.0 – 66.150.108.255 | 66.150.108.0 255.255.255.0 | 66.150.108.0/24 |
Block 27 | 69.25.20.0 – 69.25.21.255 | 69.25.20.0 255.255.254.0 | 69.25.20.0/23 |
Block 28 | 69.25.247.0 – 69.25.247.255 | 69.25.247.0 255.255.255.0 | 69.25.247.0/24 |
Block 29 | 95.172.70.0 – 95.172.70.255 | 95.172.70.0 255.255.255.0 | 95.172.70.0/24 |
Block 30 | 111.221.57.0 – 111.221.57.255 | 111.221.57.0 255.255.255.0 | 111.221.57.0/24 |
IPv6 addresses space
Assigned by Block | Classless Inter-Domain Routing (CIDR) format |
---|---|
Block 1 | 2620:0:c70::/48 |
Block 2 | 2a04:6660::/30 |
Data Centers
We scale our services into third-party cloud and carrier networks for improved performance. To ensure continuous up-time, we also maintain data centers in the following regions:
- U.S.: Nevada, Georgia, Virginia
- Global: Netherlands, Germany, India, China
- Global Public Cloud (including, but not limited to): California, Oregon, Virginia, Singapore, Australia, Japan
- Content Delivery Public Cloud (including, but not limited to): California, Washington, Texas, Indiana, Missouri, New Jersey, Brazil, United Kingdom, Amsterdam, Germany, France, Italy, Hong Kong, Japan, Singapore
Third-party provider IP ranges
IP ranges for the content delivery network (CDN)
IP ranges for other services (audio, video and screen sharing)
IP ranges for Cloudflare (specific to GoToMyPC)