Firewall configuration
Configuration of your corporate firewall
GoBright users and devices several types of connections to function correctly.
Nearly every function use HTTPS to communicate outbound to the GoBright portal. But in some cases, there might be exceptions for your specific case (e.g. when using on-premise Exchange).
In the overview below the different connections are show, these following ports and exceptions must be configured to make optimal use of the system.
Notes:
- ‘Outbound’ is from your corporate firewall to the GoBright platform
- ‘Inbound’ is from the GoBright platform inbound into your corporate network
| Applicability | Port / Name | Type | Usage |
| Always | Outbound 80 (optional) |
HTTP |
Optional redirecting HTTP to HTTPS for user convenience |
| Always | Outbound 443 |
HTTPS |
Traffic over HTTPS (TLS 1.2 or higher) to the GoBright platform |
| When using Interact devices | Outbound 8883 |
MQTT |
Traffic over MQTT over TLS to the GoBright platform |
|
|
|||
| Always | *.brightbooking.eu |
URL |
For calls to the GoBright platform from devices |
| Always | *.gobright.com |
URL |
For calls to the GoBright platform from devices |
| Always | *.gobright.cloud |
URL |
For calls to the GoBright platform from devices |
|
|
|||
| When using displays, Interacts or Gateways | NTP (UDP 123) DNS (UDP+TCP 53) |
NTP |
Devices rely on NTP to get a correct date & time & DNS to reach the internet. |
|
|
|||
| When using on-premise Exchange | Inbound 443 |
HTTPS |
GoBright platform connecting to the EWS of the on-premise Exchange |
| When using on-premise Exchange | Outbound 443 to *.gobright.cloud |
HTTPS |
Sending change notifications from on-premise Exchange to GoBright platform |
Please consult your IT department whether the connections above are allowed and accessible.
Advanced: Filtering inbound/outbound traffic based on IP-addresses
We publish our public IP-addresses, for advanced filtering requirements. If you implement IP filtering on your firewalls and systems, see the guidance below, and make sure to be subscribed to our status page for any changes in the IP addresses.
Change process of IP addresses
The IP addresses are static, but in some cases, we need to commission or decommission IP addresses. This will be published as ‘maintenance’ on our status page, typically at least 1 week before the change becomes active.
Please make sure to subscribe to the status page, by signing up via the ‘get updates’ button on the status page, you will be updated if maintenance is published (e.g. if IP addresses change).
Notes:
- ‘Outbound’ is from the corporate firewall to the GoBright platform, e.g. a user or GoBright device connecting to the GoBright platform.
-
‘Inbound’ is from the GoBright platform to the internet, e.g. GoBright platform connecting to Office 365 / Microsoft 365 to synchronize data.
Meet Work Visit – MS Azure Region West Europe
| Name | Direction | Domain name / CNAME | Current IP address |
Azure Servicetag |
| Entry | Customer -> GoBright Cloud (Inbound) | portal.gobright.cloud | 132.220.99.159 | |
| T1B | Customer -> GoBright Cloud (Inbound) | t1b.gobright.cloud | 132.220.99.159 | |
| T2B | Customer -> GoBright Cloud (Inbound) | t2b.gobright.cloud | 132.220.99.159 | |
| T3B | Customer -> GoBright Cloud (Inbound) | t3b.gobright.cloud | 132.220.99.159 | |
| T4B | Customer -> GoBright Cloud (Inbound) | t4b.gobright.cloud | 132.220.99.159 | |
| IOT Hub* | Customer -> GoBright Cloud (Inbound) | gb-eu1-iothub.azure- devices.net |
13.69.109.3* | AzureIoTHub.WestEurope |
IOT Hub Ip not fixed!
* IOTHub Ipaddress is not fixed by Microsoft, we know what the current ip-address is but Microsoft can decide to change it to one of the following addresses:
13.69.71.0/25, 13.69.109.0/25, 13.95.15.251/32, 23.100.4.253/32, 23.100.8.130/32, 40.113.153.50/32, 40.113.176.160/27, 40.113.176.192/27, 40.113.177.0/24, 40.118.27.192/32, 51.144.118.31/32, 52.236.189.128/25
View – MS Azure Region West Europe
| Name | Direction | Domain name / CNAME | Current IP address |
Azure Servicetag |
| Entry | Customer -> GoBright Cloud (Inbound) | portal.gobright.cloud | 132.220.99.159 | |
| T1S | Customer -> GoBright Cloud (Inbound) | t1s.gobright.cloud | 132.220.99.159 | |
| Storage* | Customer -> GoBright Cloud (Inbound) | gbeu1sstoraget1s.blob .core.windows.net |
20.60.26.196* | Storage.WestEurope |
Storage Ip not fixed!
* Storage Ipaddress is not fixed by Microsoft, we know what the current ip-address is but Microsoft can decide to change it to one of the following addresses:
13.69.40.16/28, 13.95.96.176/28, 13.95.240.16/28, 13.95.240.32/28, 13.95.240.64/27, 20.33.145.0/24, 20.33.163.0/24, 20.33.198.0/24, 20.33.207.0/24, 20.33.217.0/24, 20.33.232.0/24, 20.33.244.0/24, 20.38.108.0/23, 20.47.7.0/24, 20.47.18.0/23, 20.47.30.0/24, 20.60.26.0/23, 20.60.130.0/24, 20.60.150.0/23, 20.60.196.0/23, 20.60.222.0/23, 20.60.250.0/23, 20.150.8.0/23, 20.150.37.0/24, 20.150.42.0/24, 20.150.74.0/24, 20.150.76.0/24, 20.150.83.0/24, 20.150.122.0/24, 20.153.4.0/24, 20.153.31.0/24, 20.153.97.0/24, 20.153.108.0/24, 20.157.33.0/24, 20.157.146.0/24, 20.157.158.0/24, 20.157.170.0/24, 20.157.186.0/24, 20.157.230.0/24, 20.157.245.0/24, 20.209.10.0/23, 20.209.48.0/23, 20.209.72.0/23, 20.209.76.0/23, 20.209.108.0/23, 20.209.192.0/23, 20.209.230.0/23, 40.68.176.16/28, 40.68.176.48/28, 40.68.232.16/28, 40.68.232.48/28, 40.114.152.16/28, 40.114.152.48/28, 40.118.72.176/28, 40.118.73.48/28, 40.118.73.176/28, 40.118.73.208/28, 52.166.80.32/27, 52.166.80.80/28, 52.166.80.96/28, 52.174.8.32/28, 52.174.224.16/28, 52.174.224.32/28, 52.174.224.64/27, 52.174.224.112/28, 52.174.224.128/28, 52.236.240.48/28, 52.236.240.64/28, 52.239.140.0/22, 52.239.212.0/23, 52.239.242.0/23, 57.150.2.0/23, 57.150.80.0/23, 57.150.90.0/23, 57.150.110.0/23, 57.150.150.0/23, 57.150.166.0/23, 57.150.224.0/23, 104.214.243.32/28, 135.130.102.0/23, 168.61.57.64/26, 168.61.57.128/25, 168.61.58.0/26, 168.61.58.128/26, 168.61.59.64/26, 168.61.61.0/26, 168.61.61.192/26, 168.63.0.0/26, 168.63.2.64/26, 168.63.3.32/27,168.63.3.64/27, 168.63.113.32/27, 168.63.113.64/27, 191.237.232.32/28, 191.237.232.128/28, 191.239.203.0/28
Meet Work Visit – MS Azure Region UK South
| Name | Direction | Domain name / CNAME | Current IP address |
Azure Servicetag |
| Entry | Customer -> GoBright Cloud (Inbound) | portal.gobright.cloud | 132.220.99.159 | |
| UK1B | Customer -> GoBright Cloud (Inbound) | uk1b.gobright.cloud | 51.142.65.178 | |
| UK IOT Hub* | Customer -> GoBright Cloud (Inbound) | gb-uk1-iothub. azure-devices.net |
51.105.69.0* | AzureIoTHub.UKSouth |
IOT Hub Ip not fixed!
* IOTHub Ipaddress is not fixed by Microsoft, we know what the current ip-address is but Microsoft can decide to change it to one of the following addresses:
51.104.30.0/25, 51.104.30.128/27, 51.105.69.0/27, 51.105.75.192/27, 51.140.84.251/32, 51.140.126.10/32, 51.140.149.32/27, 52.151.78.51/32
View – MS Azure Region UK South
| Name | Direction | Domain name / CNAME | Current IP address |
Azure Servicetag |
| Entry | Customer -> GoBright Cloud (Inbound) | portal.gobright.cloud | 132.220.99.159 | |
| UK1S | Customer -> GoBright Cloud (Inbound) | uk1s.gobright.cloud | 51.142.65.178 | |
| UK Storage* | Customer -> GoBright Cloud (Inbound) | gbuk1sstorageuk1s. blob.core.windows.net |
20.60.166.65* | Storage.UKSouth |
Storage Ip not fixed!
* Storage Ipaddress is not fixed by Microsoft, we know what the current ip-address is but Microsoft can decide to change it to one of the following addresses:
20.33.148.0/24, 20.33.168.0/24, 20.33.234.0/24, 20.38.106.0/23, 20.47.11.0/24, 20.47.34.0/24, 20.60.17.0/24, 20.60.166.0/23, 20.150.18.0/25, 20.150.40.0/25, 20.150.41.0/24, 20.150.69.0/24, 20.153.83.0/24, 20.157.157.0/24, 20.157.182.0/24, 20.157.246.0/24, 20.209.6.0/23, 20.209.30.0/23, 20.209.88.0/23, 20.209.128.0/23, 20.209.158.0/23, 20.209.240.0/23, 51.140.16.16/28, 51.140.16.32/28, 51.140.168.64/27, 51.140.168.112/28, 51.140.168.128/28, 51.141.128.32/27, 51.141.129.64/26, 51.141.130.0/25, 52.239.187.0/25, 52.239.231.0/24, 57.150.236.0/23, 135.130.130.0/23
MS Exchange Onpremise
| Region | Direction | Ip-addresses |
| West Europe | GoBright Cloud -> Customer (Outbound) | 20.76.202.176, 20.76.202.219, 20.76.202.251, 20.76.203.229, 20.76.205.16, 20.76.205.70, 9.163.80.120, 20.101.200.78, 20.101.200.94, 20.101.200.121, 20.101.200.155, 20.101.200.187, 20.101.200.225, 20.101.200.231, 20.101.200.232, 20.101.201.11, 20.101.201.21, 20.101.201.31, 20.101.201.33, 20.101.201.34, 20.101.201.38, 20.101.201.60, 20.101.201.73, 20.101.201.110, 20.101.200.229, 20.101.200.244, 20.101.200.245, 20.101.201.1, 20.101.201.4, 20.101.201.5, 20.101.201.14, 20.50.2.79 |
| UK South | GoBright Cloud -> Customer (Outbound) | 20.90.225.75, 20.90.232.39, 20.90.233.3, 20.90.234.138, 20.90.234.148, 20.90.234.153, 85.210.76.221, 20.90.234.165, 20.90.234.204, 20.90.235.85, 20.90.235.132, 20.90.235.147, 20.90.235.150, 20.90.235.162, 20.90.235.164, 20.90.235.167, 20.90.235.177, 20.90.235.186, 20.90.236.47, 20.90.236.60, 20.90.236.89, 20.90.236.113, 20.90.236.117, 20.90.236.123, 20.90.236.125, 20.90.236.127, 20.90.236.135, 20.90.236.140, 20.90.236.151, 20.90.236.179, 20.90.236.183, 51.104.28.80 |
To see IP addresses we have used before, but are now decommissioned, please click the accordion below.
Overview of historically used IP addresses
Direction
IP address
State
Notes
Outbound
83.247.25.210
Decommissioned
Not in use anymore, fully decommisioned since:
December 24, 2021 at
01:00 AM CET
Outbound
83.247.25.211
Decommissioned
Inbound
83.247.25.69
Decommissioning
Not in use anymore, fully decommisioned since:
December 24, 2021 at
01:00 AM CET
Inbound
83.247.25.70
Decommissioning
Inbound
217.67.237.72
Decommissioning
Inbound
83.247.25.83
Decommissioning
Inbound
83.247.25.121
Decommissioning
Inbound
83.247.25.210
Decommissioning