Overview
This article lists all of the ports and IP addresses used by CrashPlan.
Firewall access
Two firewall filtering methods are described below: FQDN-based and IP-based. The FQDN-based method is simpler to manage for most customers. The IP-based method should be used with firewalls that do not support FQDN-based filtering.
Change the firewall access based on which cloud instance you use:
- United States
- Ireland
- SMB: https://console.us2.crashplanpro.com
FQDN-based filtering method
For the cloud instance you use, open access in your firewall to allow outbound TCP/443 to *.crashplan.com. This ensures uninterrupted access to the CrashPlan cloud. (You must use the IP-based filtering method to allow traffic on port 4287.)
IP-based filtering method
For the cloud instance you use, allow outbound TCP/443 and TCP/4287 to CrashPlan IP addresses below.
This ensures uninterrupted access to the CrashPlan cloud when your firewall does not support FQDN-based filtering or TLS inspection is being performed.
CrashPlan IP addresses
- 64.207.222.0 /23
- 67.222.252.0 /22
- 68.65.192.0 /21
- 103.8.239.0 /24
- 149.5.7.0 /24
- 162.222.40.0 /21
- 216.9.196.0 /23
- 216.9.198.0 /24
- 216.223.38.0 /24
CrashPlan app ports
List of ports that require outbound traffic to CrashPlan. You must have ports 443, 4285, and 4287 open for use by CrashPlan apps.
Port |
Protocol |
Source |
Destination |
Description |
---|---|---|---|---|
443 | HTTPS | CrashPlan app | CrashPlan endpoint agents | Communication for deployment policy information |
HTTPS | Web Browsers | CrashPlan cloud | Web restore (both zip file and device) | |
TLS | CrashPlan app |
CrashPlan cloud |
Communication from device to the CrashPlan cloud. Only applies to CrashPlan environments that sign in to the CrashPlan console at: https://console.us2.crashplan.com. |
|
4285 | HTTPS | Web Browsers | CrashPlan cloud | CrashPlan cloud |
4287 | TLS | CrashPlan app | CrashPlan cloud | CrashPlan cloud |
Additional services integrated with CrashPlan
These are some additional ports used by services that are commonly integrated with CrashPlan environments.
Port |
Protocol |
Source |
Destination |
Description |
---|---|---|---|---|
8200 and 8201 |
TLS | CrashPlan cloud | Vault | Communication between a Vault instance and the CrashPlan cloud |
443 | HTTPS | CrashPlan cloud | AD FS server | Sync with AD FS |
443 | HTTPS | CrashPlan app | AWS | Login traffic is routed through a range of Cloudfront IPs |
636 | LDAPS | Your directory server | Used by the CrashPlan User Directory Sync tool to sync with your directory service |