Verified AI summary ◀▼
To access Contact Center through your network, allow specific IP addresses for both Contact Center and third-party services. Follow AWS Amazon Connect requirements and update your network settings to include necessary domains and IP ranges. This ensures smooth operation and access to features like analytics, user metrics, and beta toggling. Check AWS documentation for detailed IP ranges and configurations.
To make Contact Center accessible through your network, there are several IP addresses you need to allow for Contact Center and for third-party services.
You should also follow the AWS Amazon Connect networking requirements. See Set up your network to use the Amazon Connect Contact Control Panel (CCP) in the AWS documentation.
This article contains the following topics:
Understanding the network requirements
There are several services that must be allowed so that they're accessible in your network:
- Contact Center services: Contact Center leverages AWS Cloudfront to host and serve Contact Center. To reach the Contact Center SaaS-hosted services, your network must be able to reach the associated IPs.
- Customer-deployed services: Contact Center leverages the AWS API Gateway as part of the Cloudformation stack deployed and hosted in your AWS environment as a customer. The API Gateway service leverages an EDGE type API gateway.
- Additional third-party services: Zendesk leverages a number of third-party services for extended functionality, including analytics, user-metrics, and beta feature toggling. To ensure you have access to full Contact Center functionality, you should allow the domains and IP addresses of the services you use.
Allowing IP addresses for Contact Center
The following domains must be allowed for Contact Center to be accessible in your network.
Domain allow list
| Domain/URL allow list | Purpose | IP Ranges | Ports | Direction | Traffic |
|---|---|---|---|---|---|
| engage.{region}.localmeasure.com (Replace region with one of the following: uk, us, syd, ca.) |
Engage Agent desktop and corresponding back end. | Cloudfront edge servers | 443 (TCP) | Outbound | Send/Receive |
| .{region}.localmeasure.com (Replace region with one of the following: uk, us, syd, ca.) |
Engage Agent desktop and corresponding back end. | Cloudfront edge servers | 443 (TCP) | Outbound | Send/Receive |
| Deployment-specific API Gateway URL (See Contact Center settings panel under Admin Settings > General Settings > Main Configuration > Contact Center Connection > API Gateway URL.) |
This is deployed into your AWS account each time a Cloudformation update is run. The URL changes each time and needs to be updated after every upgrade. | API Gateway JSON | 443 (TCP) | Outbound | Send/Receive |
| app.launchdarkly.com | Enable this if you wish to get access to Beta features | Launchdarkly | 443 (TCP) | Outbound | Send/Receive |
| clientstream.launchdarkly.com | Enable this if you wish to get access to Beta features | Launchdarkly | 443 (TCP) | Outbound | Send/Receive |
| events.launchdarkly.com | Enable this if you wish to get access to Beta features | Launchdarkly | 443 (TCP) | Outbound | Send/Receive |
| https://logs.browser-intake-datadoghq.com/ | error logs for application monitoring | Datadog/ | 443 (TCP) | Outbound | Send/Receive |
| www.facebook.com | Enable this only if Facebook chat is required | N/A | 443 (TCP) | Outbound | Send/Receive |
| connect.facebook.net | Enable this only if Facebook chat is required | N/A | 443 (TCP) | Outbound | Send/Receive |
| cdn.segment.com | Application analytics | 443 (TCP) | Outbound | Send/Receive |