Skip to main content

Firewall Requirements

Dedicated devices are often behind corporate firewalls, preventing Esper's backend from communicating with them (or vice-versa). Please make sure to allow the following URLs and Ports if your fleet runs behind such a firewall.

Esper also offers streamer services and static IPs. Need these services? Get in touch.
FQDNs Ports Features
*.amazonaws.com TCP: 443 (HTTPS), TCP: 8883 (MQTT) For provisioning, app management and device management.
mqtt.shoonyacloud.com TCP: 1883 (MQTT) For MQTT communication with devices.
services.shoonyacloud.com TCP: 443 (HTTPS) Provisioning services and Remote Viewer APK.
turn.shoonyacloud.com TCP/UDP: 3478 (SCTP), TCP/UDP: 5349 (SCTP), UDP: 49152 - 65535 For Remote Viewer and Remote Control services.
dpcdownloads.esper.cloud TCP: 443 (HTTPS) For the 6-tap QR code method of provisioning and Remote Viewer APK.
[customer tenant].esper.cloud TCP: 443 (HTTPS) Grants access to the Esper Console when operating under a network with a restricted outbound firewall.
[customer tenant]-api.esper.cloud TCP: 443 (HTTPS) For communicating from the device to the Esper tenant. (example: device status events and command success/failure messages).
mqtt-telemetry-prod.esper.cloud TCP: 1883 (MQTT) Deep telemetry from devices.
mqtt.esper.cloud TCP:443 (MQTT over ssl) For MQTT communication to devices for commands (with TLS).
id.esper.cloud TCP: 443 (HTTPS) For Single Sign-on (SSO). 
  • ping.esper.cloud (Most current)
  • IP: 8.8.8.8 (Needed for Foundation devices)
  • clients3.google.com/generate_204  (Needed for devices on Esper Agent Version 7.8.7060 and below)
 Port 443 (HTTPS) Checks device's internet connectivity.
IP: 13.52.132.230 TCP: 40000 - 50000 For allowing secure remote ADB access to your devices.
time.android.com UDP: 123 NTP(SNTP) Used to actively synchronize the device's time.
ip-api.com TCP: 80 (HTTP) Used by devices to automatically retrieve the timezone.

  1. shoonya-firebase.firebaseio.com

  2. *.crashlytics.com

  3. crashlyticsreports-pa.googleapis.com

  4. firebasecrashlyticssymbols.googleapis.com

TCP: 443 (HTTPS)

TCP: 5228 (HTTPS)

TCP: 5229 (HTTPS)

TCP: 5230 (HTTPS)

 Firebase/Crashlytics. Used to send crash reports.

  1. firebaseinstallations.googleapis.com

  2. fcm.googleapis.com

TCP: 443 (HTTPS)

TCP: 5228 (HTTPS)

TCP: 5229 (HTTPS)

TCP: 5230 (HTTPS)

Used for GMS devices to:

  • Send commands
  • Ping to wake up devices
  1. *.gstatic.com 
  2. *.googleapis.com 
  3. www.google.com
 TCP: 443 (HTTPS) Used during 6-tap QR Code provisioning.
  • android.clients.google.com
  • clients2.google.com
  • dl.google.com
  • accounts.google.com
  • play.google.com
  • *.googleusercontent.com
  • *.googletagmanager.com
 TCP: 443 (HTTPS) Used during Android for Work (AFW) provisioning.
statserv.esper.cloud TCP: 443 (HTTPS) Sends deployment stats and provisioning failures to Esper monitoring systems.
eea-services.esper.cloud TCP: 443 (HTTPS) For Foundation Devices. Enables Foundation Automatic Updates.
eea-sentry.esper.cloud TCP: 443 (HTTPS) For Foundation Devices. Sends telemetry data to Sentry.

Related articles

Featured Posts