Reply
Contributor
gamma
Posts: 5
0

LogMeIn.com IP addresses

I want to enable LogMeIn for VPN users, but in order to allow this to go through the firewall, I need to know what address netblocks logmein.com uses.  I tried checking Arin, but I noticed that not all IP addresses are in the same netblock.  Is this information publicly available?  Thanks!
Frequent Contributor
Anon14600
Posts: 49
0

RE: LogMeIn.com IP addresses

Hey Dan,
 
I've been trying to get this information for about a month from LMI support.  They have given me some of them, but I know for a fact there are more.  They are being kind of pokey in answering me.
 
At any rate, here are the IP's that their support gave me:
 
63.208.197.0/24
72.5.77.0/24

There is one other subnet I believe they use, but I have not been able to get them to confirm it, it is:
 
63.209.251.0/24
 
I wrote a little batch file to do a NSLOOKUP on their IP's.  The batch file is this:
 
@Echo Off
echo.> ip.log
for /l %%i in (0,1,255) do (
  echo 63.208.197.%%i >> ip.log
  nslookup 63.208.197.%%i > ip2.log
  find "Name:" ip2.log >> ip.log
  echo.>> ip.log
  )
for /l %%i in (0,1,255) do (
  echo 63.209.251.%%i >> ip.log
  nslookup 63.209.251.%%i > ip2.log
  find "Name:" ip2.log >> ip.log
  echo.>> ip.log
  )
for /l %%i in (0,1,255) do (
  echo 72.5.77.%%i >> ip.log
  nslookup 72.5.77.%%i > ip2.log
  find "Name:" ip2.log >> ip.log
  echo.>> ip.log
  )
del ip2.log

Create a new text file on your desktop and name it ip.cmd.  Copy and paste the above into it and save it.  Double click on it, it will take a few minutes to run.  It will output into a file called ip.log.  Open this with notepad and you can scroll through it and see what IP's have URL's registered to them.  There are a number of URL's that I didn't recognize at first, but upon further investigation, they are part of the LMI family.  They are (for example) hamachi.cc remotelypossible.com remotelyanywhere.com...
 
h
There are few situations in the galaxy that cannot be resolved by a direct application of concentrated phaser fire.
Contributor
gamma
Posts: 5
0

RE: LogMeIn.com IP addresses

I had it working for a short bit, but looks like there are more IP addresses to deal with.  Looks like they also own 69.25.20.0/23.  This is crazy, why can't they just publish the IP addresses so IT administrators can open the firewall to allow access.  Many networks use the 'whitelist' approach for internet access, so this info is really needed.
Frequent Contributor
Anon25085
Posts: 92
0

RE: LogMeIn.com IP addresses

According to my reserch 1507 UDP, 1508 TCP, 1509 UDP, 1510 TCP  http 1548 and https 1550 Domain 1551 and 1552 UDP .

That is on my system here using Comm View 5 and Peer Guardian to observe network traffic.


 
Contributor
gamma
Posts: 5
0

RE: LogMeIn.com IP addresses

I need to know the IP addresses tho, not the ports.  I only allow tcp/443 which works fine, I wouldn't open up any ports in your firewall.
Frequent Contributor
Anon25085
Posts: 92
0

RE: LogMeIn.com IP addresses

Dan how about you tell us what you want to achieve as IP addresses don't mean much as far as LMI is concerned communications IS PC to PC  LMI does the DNS so each client and host knows where each other is and that's it.

VIA VPN should be OK but I don't know.
a client  checks every now and then what the external IP is and updates the  LMI Authentication servers so when you log into your account you see the Host PC you want to connect to but when answering this question I get readings of 72.5.77.217 72.5.76.193 and 69.25.20.197 .

Oh there isn't any open ports in my firewall as I don't use one,  linux proxy server is a different kettle of fish though.
Contributor
gamma
Posts: 5
0

RE: LogMeIn.com IP addresses

IP addresses do mean a lot if one would like to run a secure network.  Firewalls can't filter by DNS name, they filter using IP addresses.

By default, my VPN users are not allowed to access the internet while connected to our corporate network.  But for support reasons, I would like the computer still be able to connect to LogMeIn, in case I need to troubleshoot VPN related issues remotely.  So I need to allow access to LogMeIn.com, and the only way to do this is by granting access to the IP addresses LogMeIn uses.

I have most of them figured out, but if they change it again, it will cause more headaches since this data is not published.
Frequent Contributor
Anon25085
Posts: 92
0

RE: LogMeIn.com IP addresses

Well in that case then you will need to run a DUC  Dynamic Update Client so the external IP of each LMI PC. The IP of the Authentication server may have an effect BUT the actual communications is between Host and Client and not the LIM server IP unfortunatly you may need to have both accessable.

OK your the Client on a remote PC and you are WAN not the LAN.

The Hosts you wish to support are accessing the Corporate network but they can't do both at the same time  ie disconnect from the VPN session and then start LMI session.
Can you do a schematic of where connections are going so I can better understand your communications needs.
New Contributor
City of Troy
Posts: 2
0

Re: LogMeIn.com IP addresses

[ Edited ]

We use an iPrism web filter from St Bernard which does not normally allow outbound connections without validation.  Expections can be made and this is what I have to do to get LogMeIn to work.  Here are the exception ranges I have found over time:

 

Please contact support directly for a complete list

New Contributor
City of Troy
Posts: 2
0

Re: LogMeIn.com IP addresses

[ Edited ]

We use an iPrism web filter from St Bernard which does not normally allow outbound connections without validation.  Expections can be made and this is what I have to do to get LogMeIn to work.  Here are the exception ranges I have found over time:

 

Please contact support directly for a complete list

 

Updated - 2008/11/13