This article describes our recommendations for configuring a firewall for use with Zendesk. As part of these recommendations, we’ve included a list of Zendesk’s public IP addresses for your reference below.
- If your server policy restricts inbound traffic only, whitelisting the list of IPs below should suffice.
- If you filter both inbound and outbound traffic:
- We highly recommend whitelisting with both the Fully Qualified Domain Name (FQDN) of your Zendesk subdomain as well as the IP addresses below.
- If the firewall doesn’t support FQDN-based whitelisting, we recommend you disable outbound filtering or upgrade to a firewall that supports this feature. rather than try to restrict outbound traffic using IPs only, which can cause issues. If you can’t disable outbound filtering or upgrade your firewall you can temporarily work around this by resolving your FQDN to an IP address using this DNS Lookup Tool. However, because the IP address can change at any time, we don’t recommend using this method.
IP Addresses
The following list includes the Zendesk public IP addresses.
IP addresses are listed using Classless Inter-Domain Routing (CIDR) notation. You can convert IP addresses using this CIDR Utility Tool. If you are using Zendesk Talk, specific IP addresses will need to be accessible. For a list of IP addresses, see Talk network requirements.
| IP address | Date added |
| 3.113.204.153 | Added prior to April 15, 2020 |
| 3.209.202.128/25 | Added on May 18, 2020 |
| 13.55.4.222/32 | Added prior to April 15, 2020 |
| 13.55.84.43/32 | Added prior to April 15, 2020 |
| 13.55.104.134/32 | Added prior to April 15, 2020 |
| 13.210.202.182/32 | Added prior to April 15, 2020 |
| 13.211.9.239/32 | Added prior to April 15, 2020 |
| 13.211.27.207/32 | Added prior to April 15, 2020 |
| 18.184.231.213/32 | Added prior to April 15, 2020 |
| 18.194.206.174/32 | Added prior to April 15, 2020 |
| 18.194.213.105/32 | Added prior to April 15, 2020 |
| 18.195.109.170/32 | Added prior to April 15, 2020 |
| 18.196.192.91/32 | Added prior to April 15, 2020 |
| 18.196.61.131/32 | Added prior to April 15, 2020 |
| 18.196.66.109/32 | Added prior to April 15, 2020 |
| 18.197.30.168/32 | Added prior to April 15, 2020 |
| 18.205.33.7/32 | Added prior to April 15, 2020 |
| 18.206.72.19/32 | Added prior to April 15, 2020 |
| 18.233.240.4/32 | Added prior to April 15, 2020 |
| 18.236.24.80/32 | Added prior to April 15, 2020 |
| 23.22.136.103/32 | Added prior to April 15, 2020 |
| 34.197.119.172/32 | Added prior to April 15, 2020 |
| 34.197.211.159/32 | Added prior to April 15, 2020 |
| 34.198.132.11/32 | Added prior to April 15, 2020 |
| 34.199.96.193/32 | Added prior to April 15, 2020 |
| 34.206.241.1/32 | Added prior to April 15, 2020 |
| 34.214.170.210/32 | Added prior to April 15, 2020 |
| 34.216.174.56/32 | Added prior to April 15, 2020 |
| 34.225.199.37/32 | Added prior to April 15, 2020 |
| 34.225.61.68/32 | Added prior to April 15, 2020 |
| 34.251.237.213/32 | Added prior to April 15, 2020 |
| 34.253.42.1/32 | Added prior to April 15, 2020 |
| 35.153.123.152/32 | Added prior to April 15, 2020 |
| 35.158.67.8/32 | Added prior to April 15, 2020 |
| 35.167.245.158/32 | Added prior to April 15, 2020 |
| 35.171.179.180/32 | Added prior to April 15, 2020 |
| 35.172.245.139/32 | Added prior to April 15, 2020 |
| 35.173.105.139/32 | Added prior to April 15, 2020 |
| 35.174.158.178/32 | Added prior to April 15, 2020 |
| 35.174.160.246/32 | Added prior to April 15, 2020 |
| 52.0.60.126/32 | Added prior to April 15, 2020 |
| 52.2.33.185/32 | Added prior to April 15, 2020 |
| 52.21.112.236/32 | Added prior to April 15, 2020 |
| 52.27.183.82/32 | Added prior to April 15, 2020 |
| 52.31.82.113/32 | Added prior to April 15, 2020 |
| 52.33.130.83/32 | Added prior to April 15, 2020 |
| 52.34.190.153/32 | Added prior to April 15, 2020 |
| 52.34.200.91/32 | Added prior to April 15, 2020 |
| 52.36.216.7/32 | Added prior to April 15, 2020 |
| 52.37.220.11/32 | Added prior to April 15, 2020 |
| 52.37.212.231/32 | Added prior to April 15, 2020 |
| 52.43.228.19/32 | Added prior to April 15, 2020 |
| 52.49.113.232/32 | Added prior to April 15, 2020 |
| 52.57.0.38/32 | Added prior to April 15, 2020 |
| 52.57.21.10/32 | Added prior to April 15, 2020 |
| 52.58.121.97/32 | Added prior to April 15, 2020 |
| 52.63.26.17/32 | Added prior to April 15, 2020 |
| 52.63.132.21/32 | Added prior to April 15, 2020 |
| 52.87.17.117/32 | Added prior to April 15, 2020 |
| 52.192.205.30/32 | Added prior to April 15, 2020 |
| 52.193.22.204/32 | Added prior to April 15, 2020 |
| 52.198.190.119 | Added prior to April 15, 2020 |
| 52.209.40.193/32 | Added prior to April 15, 2020 |
| 52.209.118.114/32 | Added prior to April 15, 2020 |
| 52.203.0.71/32 | Added prior to April 15, 2020 |
| 52.203.58.200/32 | Added prior to April 15, 2020 |
| 52.210.87.214/32 | Added prior to April 15, 2020 |
| 52.210.245.193/32 | Added prior to April 15, 2020 |
| 52.214.140.202/32 | Added prior to April 15, 2020 |
| 52.214.141.52/32 | Added prior to April 15, 2020 |
| 54.71.249.105/32 | Added prior to April 15, 2020 |
| 54.72.137.238/32 | Added prior to April 15, 2020 |
| 54.79.46.48/32 | Added prior to April 15, 2020 |
| 54.88.153.44/32 | Added prior to April 15, 2020 |
| 54.92.60.91/32 | Added prior to April 15, 2020 |
| 54.95.12.3/32 | Added prior to April 15, 2020 |
| 54.168.60.210/32 | Added prior to April 15, 2020 |
| 54.172.126.223/32 | Added prior to April 15, 2020 |
| 54.172.209.60/32 | Added prior to April 15, 2020 |
| 54.178.87.147/32 | Added prior to April 15, 2020 |
| 54.190.230.46/32 | Added prior to April 15, 2020 |
| 54.194.140.222/32 | Added prior to April 15, 2020 |
| 54.200.201.186/32 | Added prior to April 15, 2020 |
| 54.203.161.166/32 | Added prior to April 15, 2020 |
| 54.208.38.43/32 | Added prior to April 15, 2020 |
| 54.213.203.82/32 | Added prior to April 15, 2020 |
| 54.240.0.0/18 | Added prior to April 15, 2020 |
| 54.245.210.112/32 | Added prior to April 15, 2020 |
| 104.16.51.111 | Added prior to April 15, 2020 |
| 104.16.52.111 | Added prior to April 15, 2020 |
| 104.16.53.111 | Added prior to April 15, 2020 |
| 104.16.54.111 | Added prior to April 15, 2020 |
| 104.16.55.111 | Added prior to April 15, 2020 |
| 104.18.70.113 | Added prior to April 15, 2020 |
| 104.18.71.113 | Added prior to April 15, 2020 |
| 104.18.72.113 | Added prior to April 15, 2020 |
| 104.18.73.113 | Added prior to April 15, 2020 |
| 104.18.74.113 | Added prior to April 15, 2020 |
| 104.18.172.234 | Added prior to April 15, 2020 |
| 104.18.173.234 | Added prior to April 15, 2020 |
| 104.18.249.37 | Added prior to April 15, 2020 |
| 104.18.248.37 | Added prior to April 15, 2020 |
| 104.218.200.0/21 | Added prior to April 15, 2020 |
| 185.12.80.0/22 | Added prior to April 15, 2020 |
| 188.172.128.0/20 | Added prior to April 15, 2020 |
| 192.161.144.0/20 | Added prior to April 15, 2020 |
| 199.127.232.0/22 | Added prior to April 15, 2020 |
| 199.255.192.0/22 | Added prior to April 15, 2020 |
| 216.198.0.0/18 | Added prior to April 15, 2020 |
Outbound Email Servers IP addresses are listed in our SPF record, which we update as needed. Our SPF record can be read using this Lookup Tool or by using these commands:
host -t TXT mail.zendesk.com
or
dig txt mail.zendesk.com
Note: Due to server and IP rotation on our mail server's end, we do not support the use of IPs to validate your record. While using IPs may work within the SPF record, it's likely to cause issues down the road, when an IP or mail server rotation occurs.
IP Addresses used by Insights
For information about obtaining and whitelisting GoodData IP addresses for Insights, see IP Whitelisting on the GoodData web site.
Whitelisting Explore
For whitelisting Explore configure your firewall to allow these records as the trusted origins:
72 Comments
Are there a new set of IPs? We've whitelisted every IP in this list but there seems to be requests from different IPs.
Hi Liina,
No new IP's here, so I've created a ticket to work with you more directly. See you there.
We use a Palo Alto Networks firewall which allows use of external dynamic lists.
Is there a way to utilize this feature for this list so we dont have to manually update the list every time theres an IP change? Or at least a simple txt file with these IP's listed?
For Reference:
An external dynamic list is an address object based on an imported list of IP addresses, URLs, or domain names that you can use in policy rules to block or allow traffic. This list must be a text file saved to a web server that is accessible by the firewall.
We have been using Zendesk for a few weeks now and still haven't managed to get it working properly due to issues with our web-filtering/firewall settings. The web filters and firewalls are managed by various 3rd parties who have said it's not their job to interpret the information in the article. So I guess it's our job, as their customer, to do the interpreting!
The points that they have raised are as follows:
For question 1, what are the FQDNs we should be providing? I know there is [subdomain].zendesk.com which is simple enough to provide but are there more and if so, how do we know what they are?
Sorry if these are simple questions for which the answers should be obvious. Since they are being asked by external IT security experts, and we are already into week 4 of trying to get this resolved, I think it's worth me asking here in the hope that someone can provide the necessary answers.
My question is regarding the disclaimer at the top of this article:
Note: This is not a complete list of IP addresses needed to use Zendesk products. If you're on a Pod numbered 12 or above, you may see some IP addresses slightly outside these ranges due to AWS networking.
We are using JWT auth with the Zendesk SDK for ticketing in our app. According to our dashboard, we are hosted in a Pod numbered above 12. So, if a request comes to our JWT endpoint outside of the published list above, we will deny the request and the user will not be able to open a ticket. This is a deal breaker for us. Is it possible to move to another Pod? What are our options?
Hi all.
The company I work for has been using Zendesk for about a month now. The process of adapting from an MS Outlook point-of-view is beginning to show results, tickets from e-mails are being resolved.
The main problem we're facing is the how to implement ZD Talk. Currently we can't speak to our customers in ZD Talk, due to firewall issues. We have an onpen ticket with ZD Support regarding this, which recently has been elevated to Tier2.
Meanwhile, I'd like to check with everyone that are using ZD Talk:
How exactly have you solved the issue of accepting traffic from the list of IP numbers that needs to be allowed for ZD Talk to function properly?
Our IT dep. is reluctant to approve all of the IPs listed and I'm thinking that there should be other companies struggling with the same problem. We're operating from Sweden, if that could be of use, when replying to this.
Hoping for some good advice on how to proceed!
Best regards!
Given this recent change & complete removal of IPs
The Zendesk cloud is hosted by Amazon Web Services (AWS). As part of these recommendations, we’ve included a link to download AWS IP address ranges for your reference.
is there any guidance offered as to which parts of AWS one would whitelist?
I'm aware that to do so may broadcast a bit of infrastructure that Zendesk may not care to give out.
Hi there
Have there been any recent changes to the Zendesk public IP whitelist? Just troubleshooting a JIRA integration issue.
Thanks
Hi Raymond,
We're creating a ticket for you to get some account specific info, please keep an eye out for email.
Thanks!
Thanks for that 😎
Hi
The IP address 52.197.24.108 needs to be added.
Thanks
Thank you, Raymond! We have created a ticket for this update to the article.
Please sign in to leave a comment.