Network firewall or proxy server settings for hurdle.

Connections made to hurdle cloud server use the following TCP and UDP ports. For companies with managed firewalls, make sure to open these Firewall ports against hurdle’s entire IP range.

Purpose

Hostname

IP Address

Ports

Description

Session join page

start.hurdle.live

3.9.8.134

3.9.88.82

18.169.2.200

35.177.84.69

80/TCP, 443/TCP

Join page course attendees open to start a session and download our application.

Hurdle main API

api.hurdle.live

80/TCP, 443/TCP

Primary API to authenticate and retrieve functional information

Conference Manager

conference.hurdle.live

80/TCP, 443/TCP

30300-30399/UDP

Conference server, all audio/video/chat gets managed here

If UDP ports 30300 – 30399 are closed traffic will be routed through TURN server.  This can reduce hurdle session performance due to additional latency and processing

VM Secure Tunnel

tunnel.hurdle.live

80/TCP, 443/TCP

Tunnel to securely authenticate against our Virtual Machines

App deployment storage

 releases.hurdle.live

AWS CloudFront CDN. 

Published AWS IP list (Json format) – d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips

80/TCP, 443/TCP

Location the hurdle application is deployed to end user from when they load the download page to join a session.

Specific Path:

releases.hurdle.live/Hurdle.LIVE-Desktop

TURN Server

tu-o3qyyi.relay.hurdle.live

35.177.70.124

80/TCP/UDP, 443/TCP/UDP

STUN, TURN and TURNS protocol server for managing socket connections to the conference

It is recommended that if your company operates a proxy server hurdle IP’s should be allowed to bypass this for performance purposes.

Optional Services

The services listed below do not have to be unblocked, but may give a better experience to use hurdle, please read the description carefully for each service to determine if you need to unblock it.

Purpose

Hostname

IP Address

Ports

Description

Connectivity Check

stun.l.google.com
stun1.l.google.com
stun2.l.google.com
stun3.l.google.com
stun4.l.google.com

(Non-deterministic, use hostname)

19302/UDP

Used for direct connectivity check, typically for restrictive networks where there is potential we can communicate directly with hurdle infrastructure, if this is blocked the TURN server above MUST be unblocked

Logging

o1022394.ingest.sentry.io

(Non-deterministic, use hostname)

80/TCP, 443/TCP

Real-time event logging for diagnosing issues