Follow
Configuring Your Firewall

***

Refer to this article to understand how you can configure your firewall to add all the Workfront IP addresses to it and ensure that open communication is achieved between your environment and the Workfront servers. 

If you want to configure the IP Whitelist section of your Customer Info area in Workfront, and add designated IP addresses from where access to Workfront is allowed, see "Restricting Access to Workfront by IP Address." 

If you have configured your firewall or mail server in such a way as to allow access only to specific vendors, you need to add certain Workfront IP addresses to your firewall whitelist for the following purposes:

  • Allowing messages from the Workfront application
  • Using Single Sign-On (SSO) using Active Directory or LDAP
  • Using POP when replying to Workfront email notifications or for entering issues into Workfront through email
  • Using Document Webhooks when configuring custom document integrations (for more information, see "Configuring Document Integrations.")
  • Using Workfront Event Subscriptions (for more information, see "Event Subscription API.")

You also need to open certain ports in order for email messages to be delivered encrypted.

IP Addresses to Add to the Whitelist

The IP addresses that you have to whitelist on your firewall vary depending on the cluster where your Production environment is running. 

To find out what cluster your Production environment is on, contact Workfront Support. (For information on how to contact Workfront Support, see "How to Open a Support Ticket."

IP Addresses to Whitelist for Clusters 1, 2, 3, and Test Drive

If your Production environment is on Clusters 1, 2, or 3, add the following IP addresses for receiving email from the Workfront application:

  • 69.42.126.188
  • 66.119.37.185
  • 66.119.37.186

If your Production environment is on Clusters 1, 2, or 3, add the following IP addresses for SSO and POP:

  • 69.42.126.188 (this address must also be added to your whitelist to receive emails from Workfront)
  • 66.119.37.186
  • 66.119.37.167

IP Addresses to Whitelist for Cluster 4

If your Production environment is on Cluster 4, add the following IP addresses for POP and SSO, and to receive email from the Workfront application:

  • 52.31.132.175
  • 52.19.188.226
  • 52.28.49.94
  • 52.29.41.175
  • 52.29.197.69
  • 52.48.124.108 

IP Addresses to Whitelist for Cluster 5

If your Production environment is on Cluster 5, add the following IP addresses for receiving email from the Workfront application:

  • 13.58.86.183
  • 34.209.181.84
  • 35.161.82.137
  • 52.14.70.114
  • 52.15.230.220
  • 54.71.252.65

If your Production environment is on Cluster 5, add the following IP addresses for SSO and POP :

IP Addresses for Your Production Environment for SSO and POP

If your Production environment is on Cluster 5, add the following IP addresses for your Production environment for SSO and POP:

  • 13.58.82.59
  • 34.208.255.239
  • 52.24.154.46
  • 52.14.134.251
  • 52.14.208.59
  • 54.69.62.181

IP Addresses for Your Preview Environment for SSO and POP

If your Production environment is on Cluster 5, add the following IP addresses for your Preview Sandbox environment for SSO and POP:

  • 13.58.57.211
  • 13.58.126.18
  • 52.14.179.237

IP Addresses for Your First Refresh Sandbox (CR1) for SSO and POP

If your Production environment is on Cluster 5, add the following IP addresses for your first Custom Refresh Sandbox environment (CR1) for SSO and POP:

  • 13.58.98.241
  • 52.14.175.191
  • 52.15.213.186

IP Addresses for Your Second Custom Refresh Sandbox (CR2) for SSO and POP

If your Production environment is on Cluster 5, add the following IP addresses for your second Custom Refresh Sandbox environment (CR2) for SSO and POP:

  • 13.58.58.6
  • 52.15.208.139
  • 52.15.62.153

IP Addresses to Whitelist When Implementing Event Subscriptions

For all environments, add the following IP addresses to receive payloads from Workfront Event Subscriptions:

  • 35.162.39.124
  • 52.89.16.253 

IP Addresses to Add for Accessing Workfront Fusion

Add the following IP addresses to your whitelist to ensure access to Workfront Fusion:

  • 18.216.172.146
  • 18.218.153.209

URLs to Add for Accessing Workfront Proof

For all environments, add the following URLs to allow Workfront Proof to access Workfront on any cluster:

  • *.proofhq.com
  • webcapture.int.proofhq.com - web capture tool
  • mx.proofhq.com - email servers

Ports to Open to Ensure Best Proof Performance with Workfront Proof

Open the following ports if you are experiencing problems with proofs loading or not working:

  • 5671
  • 5672

 Ports to Open for Encrypted Email  

Emails from the Workfront application are sent encrypted using ports 465 and 587. If your mail server does not support encrypted email, emails are delivered unencrypted using port 25.

Email Notifications from Support  

If you are not receiving emails from Workfront Support, ensure that you add the IP addresses listed in "Configuring your firewall for use with Zendesk."

DON'T DELETE, DRAFT OR HIDE THIS ARTICLE. IT IS LINKED TO THE PRODUCT, THROUGH THE CONTEXT SENSITIVE HELP LINKS. ** There was some talk that this article should be split in separate articles for each cluster, but we cannot do this because it is linked to the UI: Setup> System> Customer Info> IP Whitelist

This article last updated on 2018-07-06 18:03:53 UTC