Support.com® Cloud requires Agents to use a modern web browser such as Chrome or Firefox to securely access common content and services over standard network ports. Outbound traffic is often less restricted; depending on firewall configuration, a network administrator in your IT organization may need to make some minor changes to the firewall rules for Support.com Cloud to function properly.


Required web domain access for Support.com Cloud

If you are deploying all aspects of Support.com Cloud (Self-Support | Agent-Support | Remote Control | SeeSupport) within a firewall environment, the following network resources must be accessible on port 80/443:

  • *.nexus.support.com.
  • s3.amazonaws.com
  • *.opentok.com
  • *.tokbox.com
  • cdn.sockjs.org
  • ajax.googleapis.com
  • fonts.googleapis.com

Whitelist configurations for SeeSupport

Support.com Cloud SeeSupport is a peer-to-peer application and requires outbound access on specific ports to the general internet in order to function reliably. The SeeSupport video stream performance can be greatly enhanced using the optional UDP ports listed.


  • Required:
    • TCP Port 443 opened up using SSL over TLS
    • TCP & UDP Port 3478 (minimum)
  • Optional:
    • UDP 1025-65535 (strongly recommend)


Configuring your network for internal remote control

If you are deploying and leveraging the Remote Control capabilities of Support.com Cloud with internal users (within your firewall), you will need to make the following network configurations:
  • Allow outbound non-TLS traffic on ports 443 & 3478
    Note: Some firewall/proxy rules only allow for SSL traffic over port 443. You will need to make sure that non-web traffic can also pass over this port.

IP Whitelisting to receive event notifications from Support.com Cloud

If the firewall surrounding your Access Point URL is configured to restrict inbound traffic, then the following network resources must be permitted to receive Support.com Cloud back-end notifications:

  • Allow inbound traffic on ports 80/443
  • Whitelist Production and DR Site IP Ranges:
    • 74.201.114.0/24
    • 3.235.72.32/27
    • 18.204.182.102
    • 34.202.190.104
    • 34.203.4.255
    • 35.174.82.162
    • 18.205.81.55
    • 35.171.106.120

Impact of disabled access/configurations

If you are unable to grant access to the web domains or make the necessary configurations, the following exceptions will apply:
  • Amazon - Guided Paths cannot be created or edited.  
  • Non TLS-SSL:  Remote control of internal (within your firewall) computers will not be possible.
  • UDP Port Opened:  SeeSupport will perform slower than is optimally available.