This article provides the IP ranges and certificate provider configuration which must be whitelisted in your firewall in order to enable the full functionality of the LivePerson Workspace.
IP ranges for your firewall whitelist
LiveEngage communicates with LivePerson’s servers via ports 80 and 443. Your firewall and other hardware/software protection should be configured to allow outbound traffic from your network to LivePerson servers on these ports. No other ports are required.
Below is a detailed list of the IP ranges that should be whitelisted in your firewall settings to allow communication with LivePerson.
LiveEngage services are geo-located. LiveEngage users will usually get serviced from the nearest LivePerson Farm, however, all of the IP addresses below should be whitelisted.
Some LiveEngage services rely on the WebSocket technology to provide the best experience. Your firewall must therefore allow these connections. WebSocket technology works over standard port 443, with the only difference being that it is a long-lived connection that should not be closed by the firewall after timeouts or for any other reason.
LiveEngage comprises many different services, with new IP ranges added from time to time. Please refer back to this article to ensure your firewall settings are up-to-date._
|IPv4 Range||CIDR Block|
|188.8.131.52 - 184.108.40.206||220.127.116.11/22|
|18.104.22.168 - 22.214.171.124||126.96.36.199/22|
|188.8.131.52 - 184.108.40.206||220.127.116.11/22|
|18.104.22.168 - 22.214.171.124||126.96.36.199/22|
|188.8.131.52 - 184.108.40.206||220.127.116.11/22|
|18.104.22.168 - 22.214.171.124||126.96.36.199 /22|
|188.8.131.52 - 184.108.40.206||220.127.116.11/22|
|18.104.22.168 - 22.214.171.124||126.96.36.199/22|
|188.8.131.52 - 184.108.40.206||220.127.116.11/22|
|IPv6 Range||CIDR Block|
|2a03:6400:: - 2a03:6400:ffff:ffff:ffff:ffff:ffff:ffff||2a03:6400::/32|
Liveperson owns these second level domains:
LiveEngage works with the following certificate providers: VeriSign, thawte, Comodo, GeoTrust, and CyberTrust.
Please make sure that the Certificate Revocation Lists (CRL) and the Online Certificate Status Protocols (OCSP) of the following providers are allowed by your firewall and other hardware/software protection: