cancel
Showing results for 
Search instead for 
Did you mean: 
LogMeIn Manager

Optimal Firewall Configuration Information

This page covers information involving the servers used for our GoTo products (GoToMeeting, GoToWebinar, GoToTraining, GoToAssist, GoToMyPC, and OpenVoice). Also see Whitelisting and LogMeIn for additional information on our other LogMeIn products. (updated 11/15/2017)

 

Our GoTo products are configured to work through outbound TCP ports 8200, 443 and 80, as well as UDP ports 8200 and 1853. Our products do not require any inbound connections. Outbound TCP port 443 is required in all cases. Connections via outbound TCP port 8200 are optimal for in-session communication, although TCP ports 443 and 80 can also be used. Optimal audio and video require that the UDP ports also be open.

Integrated Voice over IP (VoIP) connections are configured to work outbound through UDP port 8200. Integrated webcam video support is configured through UDP port 1853.


For InRoom Link video conference systems, configure your corporate firewall to enable the following send ports - 1720 TCP, 3000-4000 TCP, and 3000-4000 UDP. You can keep these ports closed when you are not using InRoom Link.


For most firewall or proxy systems, we recommend specifying a whitelist of DNS names for GoTo services so outbound connections can be made. The list of GoTo domains currently includes (but is not limited to) the following:

Domain Description/Purpose
*.assist.com Product domain used by GoToAssist
api.filepicker.io

Third-party file-hosting service used by multiple GoTo products

Note: This will soon change to *.filestackapi.com.

*.citrixonline.com Corporate domain used by multiple GoTo products (until 12/4/17)
*.citrixonlinecdn.com

Content delivery network (CDN) used by multiple GoTo products  (until 12/4/17)

*.cloudfront.net Third-party CDN used by multiple GoTo products
*.expertcity.com Corporate domain used by multiple GoTo products
*.fastsupport.com Product domain used by GoToAssist
*.filestackapi.com

Third-party file-hosting service used by multiple GoTo products

(NEW! FilePicker has changed their name)

*.getgo.com Product domain used by multiple GoTo products
*.getgocdn.com CDN used by multiple GoTo products
*.getgoservices.com Product domain used by multiple GoTo products
*.getgoservices.net Product domain used by multiple GoTo products
*.go2assist.me Product domain used by GoToAssist
*.gofastchat.com Product domain used by GoToAssist
*.goto-rtc.com Real-time communication service used by multiple GoTo products
*.gotoassist.com Product domain used by GoToAssist
*.gotoassist.at Product domain used by GoToAssist
*.gotoassist.me Product domain used by GoToAssist
*.gotomeet.at Product domain used by GoToMeeting
*.gotomeet.me Product domain used by GoToMeeting
*.gotomeeting.com Product domain used by GoToMeeting
*.gotomypc.com Product domain used by GoToMyPC
*.gototraining.com Product domain used by GoToTraining
*.gotowebinar.com Product domain used by GoToWebinar
*.helpme.net Product domain used by GoToAssist
*.joingotomeeting.com Product domain used by GoToMeeting
*.jointraining.com Product domain used by GoToTraining
*.joinwebinar.com Product domain used by GoToWebinar
*.logmein.com Product domain used by LogMeIn (product)
*.logmeininc.com Corporate domain used by multiple GoTo products
*.openvoice.com Product domain used by OpenVoice, GoToMeeting and join.me
*.osdimg.com CDN used by multiple GoTo products (until 12/4/17)
*.raas.io Real-time communication service used by multiple GoTo products
*.webinar.com Product domain used by GoToWebinar

 

Important Note: Use of IP ranges instead of domain names for the firewall configuration are discouraged unless absolutely necessary because our IP ranges and those of our provider networks need to be periodically audited and modified, creating additional maintenance for your network. These changes are necessary to continue to provide the maximum performance for our GoTo products. Maintenance and failover events may cause you to connect to servers within any of the ranges.

If your firewall includes a content or application data scanning filter, this may cause blocking or latency, which would be indicated in the log files for the filter. To address this problem, verify the domains or IP ranges will not be scanned or filtered by specifying exception domains or IP ranges that will not be filtered. If your security policy requires you to specify explicit domain or IP ranges, then configure your firewall exceptions for outbound TCP ports 8200, 443 and 80, as well as UDP ports 8200 and 1853 for the LogMeIn domains or IP ranges, including those of our provider networks given below.

 

GoTo server / Datacenter IP addresses for use in firewall configurations

Equivalent specifications in 3 common formats

Assigned
Range by Block
Numeric IP
Address Range
Netmask Notation CIDR Notation
Block 1 216.115.208.0 - 216.115.223.255 216.115.208.0 255.255.240.0 216.115.208.0/20
Block 2 216.219.112.0 - 216.219.127.255 216.219.112.0 255.255.240.0 216.219.112.0/20
Block 3 66.151.158.0 - 66.151.158.255 66.151.158.0 255.255.255.0 66.151.158.0/24
Block 4 66.151.150.160 - 66.151.150.191 66.151.150.160 255.255.255.224 66.151.150.160/27
Block 5 66.151.115.128 - 66.151.115.191 66.151.115.128 255.255.255.192 66.151.115.128/26
Block 6 64.74.80.0 - 64.74.80.255 64.74.80.0 255.255.255.0 64.74.80.0/24
Block 7 202.173.24.0 - 202.173.31.255 202.173.24.0 255.255.248.0 202.173.24.0/21
Block 8 67.217.64.0 - 67.217.95.255 67.217.64.0 255.255.224.0 67.217.64.0/19
Block 9 78.108.112.0 - 78.108.127.255 78.108.112.0 255.255.240.0 78.108.112.0/20
Block 10 68.64.0.0 - 68.64.31.255 68.64.0.0 255.255.224.0 68.64.0.0/19
Block 11 206.183.100.0 - 206.183.103.255 206.183.100.0 255.255.252.0 206.183.100.0/22
Block 12 173.199.0.0 - 173.199.63.255 173.199.0.0 255.255.192.0 173.199.0.0/18
Block 13 103.15.16.0 - 103.15.19.255 103.15.16.0 255.255.252.0 103.15.16.0/22
Block 14 180.153.30.0 - 180.153.31.255 180.153.30.0 255.255.254.0 180.153.30.0/23
Block 15 23.239.224.0 - 23.239.255.255 23.239.224.0 255.255.224.0 23.239.224.0/19
Block 16 185.36.20.0 - 185.36.23.255 185.36.20.0 255.255.252.0 185.36.20.0/22
Block 17 188.66.40.0 - 188.66.47.255 188.66.40.0 255.255.248.0

188.66.40.0/0

 

IPv6 addresses space

Assigned
Range by Block
Classless Inter-Domain Routing (CIDR) format
Block 1 2620:0:c70::/48
Block 2 2a04:6660::/30

 

We scale our services into third-party cloud and carrier networks for improved performance. To ensure continuous up-time, we also maintain data centers in the following regions:

  • U.S.: Nevada, Georgia, Virginia
  • Global: Netherlands, Germany, India, China
  • Global Public Cloud (including, but not limited to): California, Oregon, Virginia, Singapore, Australia, Japan
  • Content Delivery Public Cloud (including, but not limited to): California, Washington, Texas, Indiana, Missouri, New Jersey, Brazil, United Kingdom, Amsterdam, Germany, France, Italy Hong Kong, Japan, Singapore

IP ranges for the content delivery network (CDN)

IP ranges for other services (audio, video and screen sharing)

IP ranges for Cloudflare (specific to GoToMyPC)

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
19 REPLIES
LogMeIn Manager

Re: Optimal Firewall Configuration Information

Updated 5/26/2017
Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
LogMeIn Manager

Re: Optimal Firewall Configuration Information

Updated 11/15/2017

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Active Contributor

Re: Optimal Firewall Configuration Information

Hi Glenn,

Can you confirm if TCP 8200 needs to be unblocked, or will it just use 443 and 80 instead?

Thanks

James

LogMeIn Manager

Re: Optimal Firewall Configuration Information

Hi James,

 

Our software will test all 3 ports and use which ever allows outbound communication. 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Active Contributor

Re: Optimal Firewall Configuration Information

Great, thanks Glen.

Is there a way to prevent file sharing within the application? And is it compatible with both SOCKS and NTLM proxy servers?

 

Thanks

James

LogMeIn Manager

Re: Optimal Firewall Configuration Information

@james2484 GoToMeeting, GoToWebinar and GoToTraining do not have a file transfer feature. For the Proxy you maybe asked to provide your credentials before our sofware will be allowed to connect, we also have a Connection Wizard that can be run on Windows PCs to trigger this if needed.

 

I would recommend starting with our System Check page here: https://support.logmeininc.com/gotowebinar/system-check-attendee There is a test session that you can try to join to test out the flow. You can download and run our Connnection Wizard from here: https://support.logmeininc.com/article/g2m050025

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Active Contributor

Re: Optimal Firewall Configuration Information

Hi,

Is it possible to join a test session from the  G2M setup MSI multi user installer? We use this in conjucntion with the GoToMeetingMultiUserOpener.

 

We have a relatively  high secuirty environment, and the installed application doesn't seem to be running.

 

2948               _createProcess: ...

14:50:52     2948 E: Installer launch failed; command was: "C:\Users\BLAMPI~1\AppData\Local\Temp\CCCED23B-8675-4859-85EC-

 

for the test, it seems to be trying to download a component? Surely it shouldn't be trying to use this location?

Thanks

James

LogMeIn Contributor

Re: Optimal Firewall Configuration Information

Hi James,

Yes, we do attempt to install the GoToMeeting endpoint through the AppData folder.

 

To join a test session, we have this page available:  GoToMeeting Test Session

 

Active Contributor

Re: Optimal Firewall Configuration Information

Hi,

During our testing, we’ve found that the G2M multi-client makes connections to *.expertcity.com as LocalSystem. This only occurs during live webinars, not pre-recorded ones.

As a result, we’ve had to whitelist the URL above on a per machine basis, which is a bit of a management headache.

 

Moving forward, we’d like to make this a global exception, but we’re unwilling to do so without understanding exactly what is going on here behind the scenes.

 

Cna you please clarify?

 

Thanks

James