Configuring your firewall

IP ranges and certificate provider configuration which must be whitelisted in your firewall in order to enable the full functionality
  • Messaging
  • Chat

This article provides the IP ranges and certificate provider configuration which must be whitelisted in your firewall in order to enable the full functionality of the LivePerson Workspace.

IP ranges for your firewall whitelist

The Conversational Cloud communicates with LivePerson’s servers via ports 80 and 443. Your firewall and other hardware/software protection should be configured to allow outbound traffic from your network to LivePerson servers on these ports. No other ports are required.


Conversational Cloud services are geo-located. Conversational Cloud users will usually get serviced from the nearest LivePerson Farm, however, all of the IP addresses below should be whitelisted.
Some Conversational Cloud services rely on the WebSocket technology to provide the best experience. Your firewall must therefore allow these connections. WebSocket technology works over standard port 443, with the only difference being that it is a long-lived connection that should not be closed by the firewall after timeouts or for any other reason.

Below is a detailed list of the IP ranges that should be whitelisted in your firewall settings to allow communication with LivePerson.

The Conversational Cloud comprises many different services, with new IP ranges added from time to time. Please refer back to this article to ensure your firewall settings are up-to-date

IPv4 RangeCIDR Block
43.251.40.0 - 43.251.43.25543.251.40.0/22
103.42.132.0 - 103.42.135.255103.42.132.0/22
162.252.72.0 - 162.252.75.255162.252.72.0/22
162.252.76.0 - 162.252.79.255162.252.76.0/22
178.249.96.0 - 178.249.99.255178.249.96.0/22
178.249.100.0 - 178.249.103.255178.249.100.0 /22
199.187.116.0 - 199.187.119.255199.187.116.0/22
208.89.12.0 - 208.89.15.255208.89.12.0/22
185.6.224.0 - 185.6.227.255185.6.224.0/22
IPv6 RangeCIDR Block
------
2a03:6400:: -  2a03:6400:ffff:ffff:ffff:ffff:ffff:ffff2a03:6400::/32
Third-Party Bot Integrations in particular will be served from the following IPs:
RegionGateway Name
------
N.Virginiagw1.mgmt.fs.liveperson.com
N.Virginiagw2.mgmt.fs.liveperson.com
Irelandgw1.emea.fs.liveperson.com
Irelandgw2.emea.fs.liveperson.com
Sydneygw1.apac.fs.liveperson.com
Sydneygw2.apac.fs.liveperson.com

Domains

LivePerson owns these second level domains:

  • liveperson.com
  • liveperson.net
  • lpsnmedia.net
  • liveengage.net
  • liveengage.com
  • liveper.sn

Certificate providers

The Conversational Cloud works with the following certificate providers: VeriSign, thawte, Comodo, GeoTrust, and CyberTrust.
Please make sure that the Certificate Revocation Lists (CRL) and the Online Certificate Status Protocols (OCSP) of the following providers are allowed by your firewall and other hardware/software protection:

  • http://crl.verisign.com
  • http://crl.thawte.com
  • http://crl.comodoca.com
  • http://crl.geotrust.com
  • http://crl.omniroot.com
  • http://ocsp.verisign.com
  • http://ocsp.thawte.com
  • http://ocsp.comodoca.com
  • http://ocsp.usertrust.com
  • http://ocsp.geotrust.com

Vanity URL

Vanity URL enables customers to ensure that external visitors to their website view their own brand domain signed certificate in place of the LivePerson domain.


Vanity URL offers a secure and consistent online experience. Visitors are kept within the chosen Vanity URL domain name at all stages of their session, building trust and credibility.

Any vanity URL domains must be listed as it will prevent the functionality of the Conversational Cloud for end users.


Missing Something?

Check out our Developer Center for more in-depth documentation. Please share your documentation feedback with us using the feedback button. We'd be happy to hear from you.