Skip to content

How to Configure the Corporate Firewall to Get the Solution Running

 

To handle customers’ data enclosed in a secured corporate environment, LinkPoint Connect(ME)’s components LPC Add-In / Chrome Extension and LPC Sync Engine require two sets of allow-list rules to be configured by the local mail server and Salesforce Admins:
1. LPC infrastructure IPs allow-listed to access the corporate mail server and Salesforce
2. Firewall exceptions configured for end users’ work devices. All listed LinkPoint360 and third-party resources are guaranteed to be secure, according to LinkPoint360 privacy and security policies; all transferred data is encrypted with TLS 1.2

All LinkPoint Connect(ME) traffic is intended to go directly, not through a proxy connection.

 

Why do the IPs get changed in some updates?

  • LPC server-side performance boosting (with up-to-date server equipment)
  • Possible server-side disaster recovery scenarios improvement, by reducing users impact and functions recovery time (using the extra backup servers)
  • Some of the reserved addresses are in resting state, they will be used in case of main servers downing, ensuring minimum users impact; they will be left unchanged in case of future server-side migrations

 

 

November 2021 LinkPoint Connect(ME) Resources’ IP Update

In November 2021 LinkPoint Connect(ME) Azure resources’ IPs got updated, ensuring: A. extra stability considering geographic proximity; B. even more security; C. allow-list config facilitation. During December 2021, all customers must add the four new ranges to their allow-lists and remove the old LPC IPs from the allow-lists.

Starting with December 2021, to access customers’ corporate mail servers and Salesforce LinkPoint Connect(ME) Sync Engine and Add-In / Chrome Extension will be using only four designated IP ranges in different geographic locations: US Central and US East, four main use and four standby IPs are allocated within every range.

 

 

1. LPC Resources Allow-Listed to Access the Mail Server and Salesforce

All these are Inbound connections; MS Exchange / O365 and Salesforce servers get accessed by LinkPoint Connect(ME) components. Protocol: 443 / HTTPS

Dedicated IPs added in December 2021:

20.84.173.224/30 mask
actual range 20.84.173.224 - 20.84.173.227

20.72.111.168/40 mask
actual range 20.72.111.168 - 20.72.111.171

 

Deprecated IPs

The following old sets of IPs should be removed from the allow-list after January 1, 2022:

Fast channel General use

To remove from the server-side allow-list (Inbound):

23.101.119.44
40.70.147.2
23.101.119.163
137.116.78.243
13.86.99.8/30
52.154.56.160/28
52.167.85.92/30
52.167.85.112/28
23.101.119.163
23.99.204.128
23.99.211.242
23.99.205.25
23.99.212.42
23.99.210.227
23.99.202.156
23.99.204.198
137.116.78.243
40.79.72.21
104.46.111.101
104.46.106.216
40.79.79.249
40.123.42.131
104.46.107.64
104.210.0.177
23.101.119.44
23.99.215.110
23.99.213.182
168.61.218.60
23.99.208.251
23.99.211.22
23.99.209.158
23.99.214.44
40.70.147.2
13.68.19.178
13.68.114.184
137.116.69.208
13.68.18.80
13.68.114.115
13.68.114.136
40.70.63.81

 

 

 

Handling Salesforce Access Restrictions

In addition, in some Orgs Salesforce logging in and data access are restricted for a pre-set IP addresses range. If you cannot log in to Salesforce via LinkPoint Connect(ME), make sure that the above listed IP addresses are included in Login / Trusted IP ranges of your Salesforce account or Org. Please find more info on how to manage them in this official Salesforce blog or their official documentation regarding Login IP ranges and Trusted IP ranges.

 

 

 

2. Work Devices’ Firewall Exceptions for LPC Add-In / Chrome Extension

Tip

Contact your firewall software vendor for guidance how to configure allow-list rules

 

All these are Outbound connections from end users’ work devices. Protocol: 443 / HTTPS

 

Main LinkPoint Connect(ME) Resources
*.linkpoint360.com
*.linkpointconnectme.com

 

Auxiliary Resources

These are auxiliary CDN, API, Microsoft, Google, Cloudflare, Bootstrap, etc. resources used by the solution..

*.revenuegrid.commaxcdn.bootstrapcdn.com
appsforoffice.microsoft.com
fonts.googleapis.com
code.jquery.com
fastcdn.org
cdnjs.cloudflare.com
cdn.jsdelivr.net
ajax.googleapis.com
az416426.vo.msecnd.net
cdn.mxpnl.com

 

Extra Resources for Troubleshooting

Add these additional resources to firewall exceptions if issues occur on opening LPC Sidebar, Sync dashboard, Customization page, or LPC Admin panel. These are required Salesforce, Microsoft, wizards or guides rendering, and other relevant resources.
In addition, to be able to access Sync Engine settings make sure that your browser’s ad blocking plugins (e.g. AdBlock Plus or uBlock Origin) are disabled for LPC Sync dashboard web page.

*.salesforce.com
dc.services.visualstudio.com
static2.sharepointonline.com
ajaxhttpheaders.appspot.com
logo.clearbit.com
autocomplete.clearbit.com
api.genderize.io
api.ipify.org
tag.getdrip.com
static.userguiding.com
api.userguiding.com
ust.userguiding.com

   

Get back to us
We would love to hear from you

Name:

E-mail:

Question or comment: