CrisisGo Firewall Configuration

CrisisGo App Requirements

To use the CrisisGo app and related features within your organization network, the outgoing traffic from your network to the IP addresses and corresponding domain names listed in this section must be allowed.

IP Addresses

Please make sure all traffic to the following IP addresses and Ports are permitted within all your network security appliances, including router, firewall, etc.

IP Address Protocol: Port Description
34.200.34.240 34.199.19.160 Tcp: 443 CrisisGo real-time app communication traffic based on XMPP. (Tip: Please also whitelist the Jabber/XMPP or Google Talk application in your firewall if applicable.)
75.2.42.231 99.83.198.240 Tcp: 443 HTTPS traffic

Domain Names

Please make sure all the essential and feature-specific Domain Names / URLs are permitted within all your network security appliances, including router, firewall, etc. (Tip: It’s recommended to whitelist all subdomains for *.crisisgo.net, *.crisisgo.com and *.crisisgoapps.com.)
Domain Name / URL Description
https://http-login.crisisgoapps.com Essential
https://http-server-11400002.crisisgo.net Essential
https://forgotpassword.crisisgo.com Essential
https://crisisgo.net Essential
https://integration.crisisgo.net Essential
https://saml.crisisgo.net Essential
https://signup.org.crisisgo.net Essential
https://capi.crisisgo.net Essential
https://sapi.crisisgo.net Essential
https://webapp.crisisgo.net Essential
https://url.crisisgo.net Essential
https://assessment.crisisgo.net Required for Threat Assessment
https://report.crisisgo.net Required for Report, Safety CheckIn, iPass
https://checkin.crisisgo.net Required for Safety CheckIn
https://checkin-admin.crisisgo.net Required for Safety CheckIn

Safe2SpeakUP App Requirements

Besides the requirements listed above for using the CrisisGo app, the outgoing traffic from your network to the additional IP addresses and corresponding domain names listed below must also be allowed to use the Safe2SpeakUp app.

IP Addresses

Please make sure all traffic to the following IP addresses and Ports are permitted within all your network security appliances, including router, firewall, etc.
IP Address Protocol: Port Description (Traffic)
34.203.128.210 34.204.58.228 Tcp: 5222 CrisisGo real-time app communication traffic based on XMPP. (Tip: Please also whitelist the Jabber/XMPP or Google Talk application in your firewall if applicable.)

Domain Names

Please make sure all the essential and feature-specific Domain Names / URLs are permitted within all your network security appliances, including router, firewall, etc.
Domain Name / URL Description
https://http-login.safe2speakup.com Essential
https://safe2speakup.com Essential
https://forgotpassword.safe2speakup.com Essential

Annex: Third-Party Service Requirements

CrisisGo uses some third-party services (e.g. Amazon S3, Apple Push Notification Services and Google/Firebase Cloud Messaging), so you will also need to whitelist those services, IP addresses and domains for the respective features to function well.

Amazon S3 Services

Please whitelist the Amazon S3 domain within all your network security appliances, including router, firewall, etc. If you are implementing IP-based firewall rules, you can get the IP address ranges used by Amazon S3 here https://aws.amazon.com/premiumsupport/knowledge-center/s3-find-ip-address-ranges/.

Amazon Service Domain Name Port How CrisisGo use it?
Amazon S3 s3.amazonaws.com 443 Videos in safety awareness, training center, safety news.

Apple Push Notification service (APNs)

CrisisGo uses the APNs to push offline notifications to you when CrisisGo app is offline on your iOS/Mac device. To use Apple Push Notification service (APNs), your Mac and iOS clients need a direct and persistent connection to Apple's servers. Below are the requirements from Apple. You can also find the information by clicking here https://support.apple.com/en-us/HT203609.Your iPhone, iPad, or iPod touch might connect to APNs over cellular data (if capable) or Wi-Fi.

If you use Wi-Fi behind a firewall, or private Access Point Name for cellular data, connect to specific ports. You need a direct, unproxied connection to the APNs servers on these ports:

  •         TCP port 5223 to communicate with APNs.
  •         TCP port 2195 to send notifications to APNs.
  •         TCP port 2196 for the APNs feedback service.
  •         TCP port 443 is required during device activation, and afterwards for fallback (on Wi-Fi only) if devices can't reach APNs on port 5223.

Check with your network administrator to make sure that the ports are accessible.

The APNs servers use load balancing, so your devices don't always connect to the same public IP address for notifications. It's best to let your device access these ports on the entire 17.0.0.0/8 address block, which is assigned to Apple.

Service Provider Apple Address Block Protocol: Ports
APNs 17.0.0.0/8 TCP:443,5223

Google/Firebase Cloud Messaging

CrisisGo uses the GCM/FCM to push offline notifications to your device when the CrisisGo app is offline on your Android device. If your organization has a firewall that restricts the traffic to or from the internet, you need to configure it to allow connectivity with FCM for CrisisGo to receive messages. The ports to open are: 5228,5229,5230. FCM usually uses 5228, but it sometimes uses 5229 and 5230. FCM does not provide specific IPs, so you should allow your firewall to accept outgoing connections to all IP addresses contained in the IP blocks listed in Google's ASN of 15169.Please visit https://firebase.google.com/support/faq/ for more information.
Service Provider Google Address Block Protocol: Ports
Google/Firebase Google's ASN of 15169 TCP:5228,5229,5230

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? To contact CrisisGo Support, please call 314-669-9022 x2. Otherwise, please fill out the following form, and one of our Support Analysts will respond as soon as possible. To contact CrisisGo Support, please call 314-669-9022 x2. Otherwise, please fill out the following form, and one of our Support Analysts will respond as soon as possible.