Back button image

Allowlisting and Firewall Configuration for GoTo Training

If you or your company uses a firewall allow list to restrict network access to only specific websites or software, then you can use the information below to ensure that your service can connect.

Important: See our Customer Community to subscribe to notifications for firewall information updates. Select Subscribe within the community to be notified.
Notice: If you need to know the allow list for any other products or the minimal firewall settings for our new and classic apps, refer to the following:

Ports

Our GoTo products are configured to work with the following ports.

Port Purpose
Outbound TCP 443 Required, used by all products. Needs to support WebSocket connections over HTTPS
Outbound TCP 80 Recommended, used for in-session communication
UDP 8200 Recommended, used for integrated Voice over IP (VoIP) and in-session communication
UDP 1853 Recommended, used for integrated webcam video support and Voice over IP (VoIP) and in-session communication

Outbound 3478 TCP

UDP 3478

Recommended, used by the GoTo app for media connectivity to the TURN servers
Inbound connections Not required

Allowlist domains

For most firewall or proxy systems, we recommend specifying an allowlist of DNS names for GoTo services so that outbound connections can be made. The list of GoTo domains currently includes (but is not limited to) the lists below.

Universally required domains Description/Purpose
*.accounts.logme.in Corporate domain used by multiple GoTo products
api.filepicker.io

Third-party file-hosting service

This will soon change to *.filestackapi.com.

*app.goto.com Product domain used by multiple GoTo products
*.cdngetgo.com CDN used by multiple GoTo products
*.clientstream.launchdarkly.com Third-party feature testing service
*.cloudfront.net Third-party CDN
*.expertcity.com Corporate domain used by multiple GoTo products
*.filestackapi.com

Third-party file-hosting service

(NEW! FilePicker has changed their name)

*.getgo.com Product domain used by multiple GoTo products
*.getgocdn.com CDN used by multiple GoTo products
*.getgoservices.com Product domain used by multiple GoTo products
*.getgoservices.net Product domain used by multiple GoTo products
*.goto.com Product domain used by multiple GoTo products
*.goto.eu Corporate domain used by multiple GoTo products
*.gotoinc.com Corporate domain used by multiple GoTo products
*.goto-rtc.com Real-time communication service used by multiple products
*.ingest.sentry.io Third-party error tracking service
*.internap.net Powers updates to multiple GoTo products
*internapcdn.net Powers updates to multiple GoTo products
*.internapcdn.net Powers updates to multiple GoTo products
*.launchdarkly.com Third-party feature testing service
*.logmein.com Corporate domain used by multiple GoTo products
*.logmeininc.com Corporate domain used by multiple GoTo products
*logmein.eu Corporate domain used by multiple GoTo products
GoTo Training specific domains
*.gototraining.com
*google.com
*.googleapis.com
*.jointraining.com
*.firebaseio.com
*.firebaseapp.com
*.cdn.walkme.com
*.gofastchat.com
builds.cdn.goto.com
builds.cdn.getgo.com
launch.getgo.com
meet.goto.com
goto-desktop.s3.amazonaws.com
Email domains
For email invitations and correspondences from us and the GoTo software, we recommend allowing the following email domains through your email's spam and allow list filters.
@goto.com
@logmein.com
customerService@s.logmein.com
@s.logmein.com
@care.gotomeeting.com
@m.gotomeeting.com
@care.gotomypc.com
@care.gotoassist.com
@care.gotowebinar.com
@care.gototraining.com
@jive.com
@m.join.me
@t.join.me
@m.logmein.com
@t.logmein.com

Important considerations for allowlisting by IP Ranges

It is recommended to use wildcard rules whenever possible while allowlisting or blocking any GoTo services on your network as sub-domains of the domains listed above are included. Also, the client-to-host connection uses peer-to-peer connections, encrypted within an HTTPS tunnel where data is encrypted with AES-256 symmetric cipher.

Use of IP ranges instead of domain names for the firewall configuration is discouraged unless absolutely necessary because our IP ranges and those of our provider networks need to be periodically audited and modified, creating additional maintenance for your network. These changes are necessary to continue to provide the maximum performance for our GoTo products. Maintenance and failover events within our infrastructure may cause you to connect to servers within any of the ranges.

If your firewall includes a content or application data scanning filter, this may cause a block or latency, which would be indicated in the log files for the filter. To address this problem, verify that the domains or IP ranges will not be scanned or filtered by specifying exception domains or IP ranges. If your security policy requires you to specify explicit domain or IP ranges, then configure your firewall exceptions for outbound TCP ports 8200, 443, and 80 as well as UDP ports 8200 and 1853 for the GoTo domains or IP ranges, including those of our third-party provider networks.

GoTo server / Data Center IP addresses for use in firewall configurations

The following IP ranges may be used by any GoTo product, so they should all be added to your allowlist. See below for additional GoTo product-specific ranges. This list is also available in JSON format at https://goto-ipblocks.live.gtc.goto.com/.

Equivalent specifications in 3 common formats

Assigned Range by Block Numeric IP Address Range Netmask Notation CIDR Notation
Block 1 216.115.208.0 – 216.115.223.255 216.115.208.0 255.255.240.0 216.115.208.0/20
Block 2 216.219.112.0 – 216.219.127.255 216.219.112.0 255.255.240.0 216.219.112.0/20
Block 3 67.217.64.0 – 67.217.95.255 67.217.64.0 255.255.224.0 67.217.64.0/19
Block 4 173.199.0.0 – 173.199.63.255 173.199.0.0 255.255.192.0 173.199.0.0/18
Block 5 206.183.100.0 – 206.183.103.255 206.183.100.0 255.255.252.0 206.183.100.0/22
Block 6 68.64.0.0 – 68.64.31.255 68.64.0.0 255.255.224.0 68.64.0.0/19
Block 7 23.239.224.0 – 23.239.255.255 23.239.224.0 255.255.224.0 23.239.224.0/19
Block 8 158.120.16.0 - 158.120.31.255 158.120.16.0 255.255.240.0 158.120.16.0/20
Block 9 202.173.24.0 – 202.173.31.255 202.173.24.0 255.255.248.0 202.173.24.0/21
Block 10 78.108.112.0 – 78.108.127.255 78.108.112.0 255.255.240.0 78.108.112.0/20
Block 11 185.36.20.0 – 185.36.23.255 185.36.20.0 255.255.252.0 185.36.20.0/22
Block 12 188.66.40.0 – 188.66.47.255 188.66.40.0 255.255.248.0 188.66.40.0/21
Block 13 45.12.196.0 – 45.12.199.255 45.12.196.0 255.255.252.0 45.12.196.0/22
Block 14 162.250.60.0 – 162.250.63.255 162.250.60.0 255.255.252.0 162.250.60.0/22
Block 15 199.36.248.0 – 199.36.251.255 199.36.248.0 255.255.252.0 199.36.248.0/22
Block 16 199.87.120.0 – 199.87.123.255 199.87.120.0 255.255.252.0 199.87.120.0/22
Block 17 103.15.16.0 – 103.15.19.255 103.15.16.0 255.255.252.0 103.15.16.0/22
Block 18 64.74.17.0 – 64.74.17.255 64.74.17.0 255.255.255.0 64.74.17.0/24
Block 19 64.74.18.0 – 64.74.19.255 64.74.18.0 255.255.254.0 64.74.18.0/23
Block 20 64.74.103.0 – 64.74.103.255 64.74.103.0 255.255.255.0 64.74.103.0/24
Block 21 64.94.18.0 – 64.94.18.255 64.94.18.0 255.255.255.0 64.94.18.0/24
Block 22 64.94.46.0 – 64.94.47.255 64.94.46.0 255.255.254.0 64.94.46.0/23
Block 23 64.95.128.0 – 64.95.129.255 64.95.128.0 255.255.254.0 64.95.128.0/23
Block 24 66.150.108.0 – 66.150.108.255 66.150.108.0 255.255.255.0 66.150.108.0/24
Block 25 69.25.20.0 – 69.25.21.255 69.25.20.0 255.255.254.0 69.25.20.0/23
Block 26 69.25.247.0 – 69.25.247.255 69.25.247.0 255.255.255.0 69.25.247.0/24
Block 27 95.172.70.0 – 95.172.70.255 95.172.70.0 255.255.255.0 95.172.70.0/24
Block 28 111.221.57.0 – 111.221.57.255 111.221.57.0 255.255.255.0 111.221.57.0/24

IPv6 addresses space

Assigned by Block Classless Inter-Domain Routing (CIDR) format
Block 1 2606:CB00::/32
Block 2 2a0e:bd00::/29

Data centers

We scale our services with third-party cloud and carrier networks for improved performance. To ensure continuous up-time, we also maintain data centers in the following regions:

  • U.S.: Nevada, Virginia, Michigan
  • Global: Germany, Australia
  • Global Public Cloud (including, but not limited to): California, Oregon, Virginia, Singapore, Australia, Japan
  • Content Delivery Public Cloud (including, but not limited to): California, Washington, Texas, Indiana, Missouri, New Jersey, Brazil, United Kingdom, Amsterdam, Germany, France, Italy, Hong Kong, Japan, Singapore
Article last updated: 14 November, 2023
You are viewing the latest version of this article.