If you use a web proxy or firewall that filters internet traffic, it can often be a time consuming task to figure out what domains or IPs need to be whitelisted or bypassed.
Here I will maintain an up to date list of common sites and services I come across to allow you to easily unblock / whitelist various sites and services (including but not limited to the Apple App Store, Google Play and Google Meet).
In some cases not all the domains/URLs will need to be added for core functionality, however these lists are complete lists for full functionality of the services.
Google Hangouts and Google Meet
Unblock Google Hangouts / Unblock Google Meet / Google Meet firewall rules / Google Hangout firewall rules / Google Hangout via a proxy / Google Meet via a proxy
googleapis.com gstatic.com googleusercontent.com UDP ports 19302 to 19309 – to open on firewall
*when adding Google domains to a complete bypass in an proxy with SSL intercept enabled, other Google domains such as YouTube.com may also be whitelisted. This issue definitely affects squid v5 based proxies and below.
Google Classrooms
Unblock Google Classroom / Google Classroom firewall rules / Google Classroom via a proxy
googleapis.com gstatic.com googleusercontent.com 2001:4860:4864:5::0/64 74.125.250.0/24 classroom.google.com googlevideo.com hangouts.google.com lens.l.google.com meet.google.com youtube-nocookie.com ytimg.com
UDP ports 19302 to 19309 – to open on firewall
*when adding Google domains to a complete bypass in an proxy with SSL intercept enabled, other Google domains such as YouTube.com may also be whitelisted. This issue definitely affects squid v5 based proxies and below.
Microsoft Teams
Unblock Microsoft Teams / Microsoft Teams Firewall Rules / Microsoft Teams via a proxy
msftauth.net msauth.net msocsp.com lync.com microsoft.com skype.com skypeforbusiness.com sfbassets.com skypemaprdsitus.trafficmanager.net windows.net msecnd.net ajax.aspnetcdn.com mlccdn.blob.core.windows.net aka.ms azure.net users.storage.live.com windows.com msedge.net mstea.ms skypeassets.com azureedge.net office.net compass-ssl.microsoft.com
Zoom
Unblock Zoom / Zoom Firewall Rules / Zoom via a proxy
zoom.us
Most filtering providers in my experience will just work with zoom.us either whitelisted or as an exception/bypass in the filtering, however some are picky (such as Smoothwall) and require a long list of IPs adding to allow Zoom to work. These can be found here.
Apple App Store & Apple ID Sign in
Unblock App Store / App Store Firewall Rules / App Store via a proxy
104.64.0.0/10 17.0.0.0/8 2.22.146.0/24 23.192.0.0/11 23.63.98.0/23 92.123.140.0/22 Apple.com Itunes.com Mzstatic.com ocsp.digicert.com*
* Certificate authority used by Apple. This may already be allowed in some setups, therefore might not need adding.
Google Play Store
Unblock Google Play Store / Google Play Store firewall rules / Google Play Store via a proxy
android.clients.google.com gvt1.com lh3.ggpht.com lh3.googleusercontent.com mighty-app.appspot.com play.googleapis.com play.google.com update.googleapis.com
*when adding Google domains to a complete bypass in an proxy with SSL intercept enabled, other Google domains such as YouTube.com may also be whitelisted. This issue definitely affects squid v5 based proxies and below.
Sophos Antivirus Updates
Unblock Sophos updates / Sophos updates firewall rules / Sophos updates via a proxy
sophos.com sophosupd.com sophosupd.net sophosxl.net ocsp2.globalsign.com * crl.globalsign.com *
* Certificate authority used by Sophos. This may already be allowed in some setups, therefore might not need adding.
Spotify
Unblock Spotify / Spotify firewall rules / Spotify via a proxy
Spotify.com sectigo.com * usertrust.com *
* Certificate authority used by Spotify. This may already be allowed in some setups, therefore might not need adding.
YouTube
Unblock YouTube / YouTube Firewall rules / YouTube via a proxy
youtube.com youtube.co.uk ytimg.com
Disney Plus
Unblock Disney Plus / Disney Plus Firewall rules / Disney Plus via a proxy
disneyplus.com disney-plus.net
Most systems seem to work with just the above two entries, however some seem to require the following additions:
bamgrid.com bam.nr-data.net cdn.registerdisney.go.com cws.conviva.com d9.flashtalking.com disney-portal.my.onetrust.com disneyplus.bn5x.net js-agent.newrelic.com dssott.com adobedtm.com
4OD / All 4
Unblock All 4/ All 4 Firewall rules / All 4 via a proxy / Unblock 4OD / 4OD Firewall rules / 4OD via a proxy
ais.channel4.com channel4.demdex.net 4id.channel4.com 4od.channel4.com fax.c4.aws.redbeemedia.com * ad-emea.doubleclick.net *
* These are ad network URLs, however the stream will fail to load unless the ads can be loaded.
Asda Online Shopping
Unblock Asda / Asda Firewall rules / Asda via a proxy
asda.com assets-asda.com
Recent Comments