This article provides the IP ranges and certificate provider configuration which must be whitelisted in your firewall in order to enable the full functionality of the LivePerson Workspace.
IP ranges for your firewall whitelist
LiveEngage communicates with LivePerson’s servers via ports 80 and 443. Your firewall and other hardware/software protection should be configured to allow outbound traffic from your network to LivePerson servers on these ports. No other ports are required.
Below is a detailed list of the IP ranges that should be whitelisted in your firewall settings to allow communication with LivePerson.
LiveEngage services are geo-located. LiveEngage users will usually get serviced from the nearest LivePerson Farm, however, all of the IP addresses below should be whitelisted.
Some LiveEngage services rely on the WebSocket technology to provide the best experience. Your firewall must therefore allow these connections. WebSocket technology works over standard port 443, with the only difference being that it is a long-lived connection that should not be closed by the firewall after timeouts or for any other reason.
LiveEngage comprises many different services, with new IP ranges added from time to time. Please refer back to this article to ensure your firewall settings are up-to-date._
|IPv4 Range||CIDR Block|
|184.108.40.206 - 220.127.116.11||18.104.22.168/22|
|22.214.171.124 - 126.96.36.199||188.8.131.52/22|
|184.108.40.206 - 220.127.116.11||18.104.22.168/22|
|22.214.171.124 - 126.96.36.199||188.8.131.52/22|
|184.108.40.206 - 220.127.116.11||18.104.22.168/22|
|22.214.171.124 - 126.96.36.199||188.8.131.52 /22|
|184.108.40.206 - 220.127.116.11||18.104.22.168/22|
|22.214.171.124 - 126.96.36.199||188.8.131.52/22|
|184.108.40.206 - 220.127.116.11||18.104.22.168/22|
|IPv6 Range||CIDR Block|
|2a03:6400:: - 2a03:6400:ffff:ffff:ffff:ffff:ffff:ffff||2a03:6400::/32|
The following IP ranges have been added to the whitelist for bots:
- 172.16.0.0 - 172.31.255.255
- 10.16.0.0 - 10.31.255.255
- 10.32.0.0 - 10.47.255.255
- 10.48.0.0 - 10.63.255.255
- 10.160.0.0 - 10.175.255.255
- 10.176.0.0 - 10.191.255.255
Third-Party Bot Integrations in particular will be served from the following IPs:
|Region||Gateway Name||Gateway IP|
Liveperson owns these second level domains:
LiveEngage works with the following certificate providers: VeriSign, thawte, Comodo, GeoTrust, and CyberTrust.
Please make sure that the Certificate Revocation Lists (CRL) and the Online Certificate Status Protocols (OCSP) of the following providers are allowed by your firewall and other hardware/software protection:
Vanity URL enables customers to ensure that external visitors to their website view their own brand domain signed certificate in place of the LivePerson domain.
Vanity URL offers a secure and consistent online experience. Visitors are kept within the chosen Vanity URL domain name at all stages of their session, building trust and credibility.
Any vanity URL domains must be listed as it will prevent the functionality of LiveEngage for end users.