hurdle

Connection

Network/Firewall Information

Required Services

The below services should not be routed through a proxy or VPN, this will add undue latency and may affect the quality of services provided by hurdle.

PurposeHostnameIP AddressPortsDescription
Session Join Pagestart.hurdle.live

3.9.8.134

3.9.88.82

18.169.2.200

35.177.84.69

80/TCP, 443/TCPJoin page course attendees open to start a session and download our application
hurdle main APIapi.hurdle.live80/TCP, 443/TCPPrimary API to authenticate and retrieve functional information
Conference Managerconference.hurdle.live

80/TCP, 443/TCP

30300-30399/UDP

Conference server, all audio/video/chat gets managed here If UDP ports 30300 – 30399 are closed traffic will be routed through TURN server. This can reduce hurdle session performance due to additional latency and processing.

WebSockets are required and must be allowed through

VM Secure Tunneltunnel.hurdle.live80/TCP, 443/TCP

Tunnel to securely authenticate against our Virtual Machines

WebSockets are required and must be allowed through

App deployment storagereleases.hurdle.live

AWS CloudFront CDN. Published AWS IP list (Json format) –

d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips

80/TCP, 443/TCP

Location the hurdle application is deployed to end user from when they load the download page to join a session.

Specific Path: releases.hurdle.live/Hurdle.LIVE-Desktop

TURN Servertu-xz0gu3.relay.hurdle.live18.133.240.13980/TCP/UDP, 443/TCP/UDPSTUN, TURN and TURNS protocol server for managing socket connections to the conference

Optional Services

The services listed below do not have to be unblocked, but it may give a better experience to use hurdle, please read the description carefully for each service to determine if you need to unblock it.

PurposeHostnameIP AddressPortsDescription
Connectivity Check

stun.l.google.com

stun1.l.google.com

stun2.l.google.com

stun3.l.google.com

stun4.l.google.com

(Non-deterministic, use hostname)19302/UDPUsed for direct connectivity check, typically for restrictive networks where theres potential we can communicate directly with hurdle infrastructure, if this is blocked the TURN server above MUST be unblocked
Loggingo1022394.ingest.sentry.io(Non-deterministic, use hostname)80/TCP, 443/TCPReal-time event logging for diagnosing issues