Manually allow teamviewer on NG (next-generation) firewalls?
My firewall does SSL inspection. What domain or ip range should I manually allow?
Hi brgsousa,
Thank you for your post
The TeamViewer network includes more than 200 servers. Communication with the master cluster is done through DNS names; communication with the TeamViewer servers (routing server and KeepAlive server) is done directly via IP addresses. Due to the fact that we are continuously upscaling our server network as the number of TeamViewer user grows, it is not possible to publish a list of current IP addresses, because this list would be outdated very soon.
In order for TeamViewer to work properly, access to all TeamViewer servers has to be possible. The easiest way to achieve this is to open port 5938 (TCP) for outbound connections to any IP address. You can also add *.teamviewer.com to the whitelist.
Hi Julia,
thanks for the description. We are using Juniper and there is not possible to set a wildcard.
Is it possible to get the sbudomains? insted of the * star or do you have a hint for my configuration. I will open the firewall for outbound connection to your server.
regards Eugen
Dear eugenmartel,
Would it be possible to allow traffic to every address through port 5938? Only a very few programs are using this port.
Hi Julia, based on our security policy it is allowed only to knowen ips thats my problem.
juniper is allowing only direct ip, ip ranges or wildcard with subdomains like e.g. support.teamviewer.com or mail.teamviewer.com but not marked with a * if I am trying I will get an error every time.
do you see a chance here to get a sollution?
regards eugen
hi,
what about the the ports 80 and 443 which is required for mass deployment and management ? it's not possible to open direct access to internet... you should have provided users a list of domain/subdomain list or network info as you use azure services