Skip to content

How to Configure the Corporate Firewall to Get the Product Running

 

Some network environments are locked down via a Firewall and allow connecting only to allow-listed IP addresses from within their corporate networks.

The table below lists Revenue Inbox resources IPs which must be allow-listed in your local firewall settings for inbound/outbound connection.

Important

All listed IPs are guaranteed to be secure, according to our privacy and security policies; transferred data is encrypted with TLS 1.2.

 

Firewall exceptions for Revenue Inbox

Tip

Check out the description of a typical whitelisting procedure for the standard Windows 10 firewall here.

In the latest update, Revenue Inbox servers IP addresses were changed.

 

Why were they changed?

  • RI server-side performance boosting (with up-to-date server equipment)
  • Possible server-side disaster recovery scenarios improvement, by reducing users impact and functions recovery time (using the extra backup servers)
  • Some of the reserved addresses are in resting state, they will be used in case of main servers downing, ensuring minimum users impact; they will be left unchanged in case of future server-side migrations

 

All Revenue Inbox traffic is intended to go directly, not through a proxy connection. It is recommended to configure an MS Active Directory group which can access and consent to the solution’s App. In this group, the App’s manifest must be deployed. Then you can manage the group’s users list to controlling who exactly accesses the App and who the App is consented to work for. See this article for detailed information on deployment scenarios.

The outbound connections are for the user’s devices, the inbound connections are for servers communication. RI Sync engine works directly between Exchange/Office 365 or Gmail server and Salesforce.

 

Note: the list also includes backup servers which ensure increased stability

Destination Source Port / Protocol Details
End users’ devices [inbound connections]
23.101.119.44
40.70.147.2
23.101.119.163
137.116.78.243
13.86.99.8/30
52.154.56.160/28
52.167.85.92/30
52.167.85.112/28
23.101.119.163
23.99.204.128
23.99.211.242
23.99.205.25
23.99.212.42
23.99.210.227
23.99.202.156
23.99.204.198
137.116.78.243
40.79.72.21
104.46.111.101
104.46.106.216
40.79.79.249
40.123.42.131
104.46.107.64
104.210.0.177
23.101.119.44
23.99.215.110
23.99.213.182
168.61.218.60
23.99.208.251
23.99.211.22
23.99.209.158
23.99.214.44
40.70.147.2
13.68.19.178
13.68.114.184
137.116.69.208
13.68.18.80
13.68.114.115
13.68.114.136
40.70.63.81
443 / HTTPS RI Sync Engine connections (MS Azure infrastructure)
[outbound connections]
13.86.99.8/30
52.154.56.160/28
52.167.85.92/30
52.167.85.112/28
23.101.119.163
23.99.204.128
23.99.211.242
23.99.205.25
23.99.212.42
23.99.210.227
23.99.202.156
23.99.204.198
137.116.78.243
40.79.72.21
104.46.111.101
104.46.106.216
40.79.79.249
40.123.42.131
104.46.107.64
104.210.0.177
23.101.119.44
23.99.215.110
23.99.213.182
168.61.218.60
23.99.208.251
23.99.211.22
23.99.209.158
23.99.214.44
40.70.147.2
13.68.19.178
13.68.114.184
137.116.69.208
13.68.18.80
13.68.114.115
13.68.114.136
40.70.63.81
Users’ Exchange server
Users’ Salesforce Org configuration
443 / HTTPS Revenue Inbox connections required for emails and calendar items handling
End users’ devices *.revenuegrid.com
*.invisible.io
*.invisiblesolutions.com
*.smartcloudconnect.io
443 / HTTPS Required Revenue Grid resources
End users’ devices *.revenuegrid.commaxcdn.bootstrapcdn.com
appsforoffice.microsoft.com
fonts.googleapis.com
code.jquery.com
fastcdn.org
cdnjs.cloudflare.com
cdn.jsdelivr.net
ajax.googleapis.com
az416426.vo.msecnd.net
cdn.mxpnl.com
443 / HTTPS Auxiliary CDN, API, and other resources used by RI Add-In
End users’ devices *.revenuegrid.com
*.smartcloudconnect.io
*.salesforce.com
dc.services.visualstudio.com
static2.sharepointonline.com
ajaxhttpheaders.appspot.com
logo.clearbit.com
autocomplete.clearbit.com
api.genderize.io
api.ipify.org
tag.getdrip.com
static.userguiding.com
api.userguiding.com
ust.userguiding.com
443 / HTTPS If issues occur on opening RI Sidebar, Sync dashboard, Customization page, or RI Admin panel, also add these resources to the allow-list of your firewall (or proxy server)
These are required Salesforce, Microsoft, wizards rendering, and other relevant resources
In addition, make sure that your browser’s ad blocking plugins (e.g. AdBlock Plus or uBlock Origin) are disabled for RI Sync dashboard

 

In addition, in some Orgs Salesforce logging in and data access are restricted for a pre-set IP addresses range. If you cannot log in to Salesforce via Revenue Inbox, make sure that the above listed IP addresses are included in Login / Trusted IP ranges of your Salesforce account or Org. Please find more info on how to manage them in this official Salesforce blog or official documentation regarding Login IP ranges and Trusted IP ranges.

   


Get back to us
We would love to hear from you

Name:

E-mail:

Question or comment: