Overview
This article lists all of the ports and IP addresses used by CrashPlan.
Firewall access
Two firewall filtering methods are described below: FQDN-based and IP-based. The FQDN-based method is simpler to manage for most customers. The IP-based method should be used with firewalls that do not support FQDN-based filtering.
Change the firewall access based on which cloud instance you use:
- United States
- Ireland
- SMB: https://console.us2.crashplanpro.com
FQDN-based filtering method
For the cloud instance you use, open access in your firewall to allow outbound TCP/443 to *.crashplan.com. This ensures uninterrupted access to the CrashPlan cloud. (You must use the IP-based filtering method to allow traffic on port 4287.)
IP-based filtering method
For the cloud instance you use, allow outbound TCP/443 and TCP/4287 to CrashPlan IP addresses below.
This ensures uninterrupted access to the CrashPlan cloud when your firewall does not support FQDN-based filtering or TLS inspection is being performed.
CrashPlan IP addresses
- 64.207.222.0 /23
- 67.222.252.0 /22
- 68.65.192.0 /21
- 103.8.239.0 /24
- 149.5.7.0 /24
- 162.222.40.0 /21
- 216.9.196.0 /23
- 216.9.198.0 /24
- 216.223.38.0 /24
CrashPlan login traffic is routed through a range of Cloudfront IP addresses that can be found here.
CrashPlan app ports
List of ports that require outbound traffic to CrashPlan. You must have ports 443, 4285, and 4287 open for use by CrashPlan apps.
Port |
Protocol |
Source |
Destination |
Description |
---|---|---|---|---|
443 | HTTPS | CrashPlan app | CrashPlan endpoint agents | Communication for deployment policy information |
HTTPS | Web Browsers | CrashPlan cloud | Web restore (both zip file and device) | |
TLS | CrashPlan app |
CrashPlan cloud |
Communication from device to the CrashPlan cloud. Only applies to CrashPlan environments that sign in to the CrashPlan console at: https://console.us2.crashplan.com. |
|
4285 | HTTPS | Web Browsers | CrashPlan cloud | CrashPlan cloud |
4287 | TLS | CrashPlan app | CrashPlan cloud | CrashPlan cloud |
Additional services integrated with CrashPlan
These are some additional ports used by services that are commonly integrated with CrashPlan environments.
Port |
Protocol |
Source |
Destination |
Description |
---|---|---|---|---|
8200 and 8201 |
TLS | CrashPlan cloud | Vault | Communication between a Vault instance and the CrashPlan cloud |
443 | HTTPS | CrashPlan cloud | AD FS server | Sync with AD FS |
443 | HTTPS | CrashPlan app | AWS | Login traffic is routed through a range of Cloudfront IPs |
636 | LDAPS | Your directory server | Used by the CrashPlan User Directory Sync tool to sync with your directory service |