What are the Firewall Exceptions and IP addresses of Splashtop servers/Services?

In some network environments, firewalls may be blocking the communication with Splashtop servers and thereby preventing Splashtop from working properly.

Testing Network Accessibility

You can determine whether this is the case by running the Splashtop network check tool from within those network environments. Just browse to www.splashtop.com/check using a device that's on the network you want to test.

Allowing Communication with Splashtop Servers

If communication is blocked, please enable your firewalls to allow communication in both directions with these domains:

  1. Allow access to Splashtop servers
    • (For both Global and EU regions) *.api.splashtop.com (* represents wildcard)
    • (For EU region) *.api.splashtop.eu (* represents wildcard)
    • (For both) *.relay.splashtop.com (* represents wildcard)
    • (For both) update-g3.splashtop.com / update.splashtop.com / sn.splashtop.com (for endpoints auto-update)
  2.  Port 443 needs to be open and allow both HTTP over TLS and non-HTTP over TLS
  3. Disable/bypass Deep Packet Inspection (DPI) (also may be called SSL Inspection) for Splashtop traffic

(How to find my service region info: Link.)

Local connections

If both devices are on the same network, communications are point-to-point via TCP ports 6783-6785 (default setting).  For tight firewalls, you may need to allow these TCP ports internally (not externally).

IP Addresses of Splashtop Servers

Splashtop servers reside in data centers hosted by multiple renowned cloud service providers. The servers' IP addresses are dynamically allocated and change over time. Therefore, it is not really practical to configure your firewall exceptions using IP addresses. The list of IP addresses is long, and they may change from time-to-time. The best way is to configure your firewall exceptions using the wildcard domains above.

If you do need the IP addresses of the Splashtop API servers, you can use the following commands to look up the current IP addresses:

Global region

  • nslookup st-v3.api.splashtop.com
  • nslookup st-v3-g3.api.splashtop.com
  • nslookup st-v3-src.api.splashtop.com
  • nslookup st-v3-src-g3.api.splashtop.com
  • nslookup st-relay-v3.api.splashtop.com
  • nslookup st-relay-v3-g3.api.splashtop.com
  • nslookup st-lookup-v1.api.splashtop.com
  • nslookup st-lookup-v1-g3.api.splashtop.com
  • nslookup st-premium-v3.api.splashtop.com
  • nslookup st-premium-v3-g3.api.splashtop.com
  • nslookup st-premium-v3.api.splashtop.eu
  • nslookup st-premium-v3-g3.api.splashtop.eu

 

EU region

  • nslookup st-v3.api.splashtop.eu
  • nslookup st-v3-g3.api.splashtop.eu
  • nslookup st-v3-src.api.splashtop.eu
  • nslookup st-v3-src-g3.api.splashtop.eu
  • nslookup st-relay-v3.api.splashtop.eu
  • nslookup st-relay-v3-g3.api.splashtop.eu
  • nslookup st-premium-v3.api.splashtop.eu
  • nslookup st-premium-v3-g3.api.splashtop.eu
  • nslookup st-lookup-v1.api.splashtop.com
  • nslookup st-lookup-v1-g3.api.splashtop.com

(How to find my service region info: Link.)

If you need the IP addresses of the Splashtop relay servers, please contact our support team.

IP Addresses of download and auto-update servers for Splashtop endpoints 

Splashtop takes advantage of Cloudfront service hosted by AWS (Amazon Web Services) to host Splashtop Business and Splashtop Streamer installers. If you need to make sure download and auto-update work without being blocked, please follow below instruction provided by AWS to find IP addresses:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html

Port 80 needs to be open, for downloading new version installers from Cloudfront service.

Allowing Communication for End-to-end(QUIC) connections

Please refer to How to configure my router/firewall to support QUIC

true
12 out of 27 found this helpful