The following domains should be whitelisted for the best experience.
The tests found in this article can help diagnose if any compatibility tests are still failing, indicating that further whitelisting may need to be done.
Do you use Zscaler or Forcepoint, or have SSL inspection turned on in your network tool? If so, you might need to add an SSL bypass rule for some of these domains. Scroll to the end of this article for more information.
Please Note: If you have participants in China, please take a look at our documentation here as some services are blocked: https://www.livingsecurity.com/support/how-to-use-teams-cyberescape-online-in-china
Session Calendar Invites and Authentication (emailed)
Participant Audio & Video Conferencing
*.twilio.com or refer to this table for specific destinations: https://www.twilio.com/docs/video/ip-addresses
Whitelist your choice of the following ports:
- 10,000 - 60,000 UDP/SRTP/SRTCP
If you prefer to whitelist individual IPs based on geographic location, you can use this article for reference: https://www.twilio.com/docs/video/ip-addresses#media-servers
Websocket & Database Connection:
Gameplay CMS & Puzzles:
Whitelisting the following domains will create the most optimal experience, and will allow us to help with troubleshooting, provide chat support if needed, and give you access to our accessibility tool.
Hubspot Chat Widget (optional)
Debugging and Error Tracking (optional)
Instructions & Help Tooltips (optional)
Living Security Support Portal (optional)
Accessibility Widget (optional)
Security tools like ZScaler, Netskope, and Forcepoint have an optional setting that can make them act as an SSL Proxy. Some services (like Firebase) don’t like SSL Proxies sitting between them and users. If you use either of these network security tools and are having trouble getting tests to pass, adding an SSL bypass rule will likely resolve blocking issues. You can find more detailed information on what this means and how to do this in the following articles:
Also helpful is configuring SSL Certificate Pinning for Google Shared Services as outlined here:
The following domains are what we have observed some of our customers having the most frequent errors with. They have successfully resolved these by adding an SSL decryption bypass rule.
firestore.googleapis.com (or *.googleapis.com)
*.livingsecurity.com (if your videos or puzzles are loading slowly, adding a bypass for this domain might help)
Other Network Security Software
If you don't use Zscaler or Forcepoint but are still having trouble with whitelisting and getting the compatibility tests to pass, we recommend following the same tips in the Zscaler support docs. Customers have reported the most success by adding an SSL decryption bypass rule for firestore.googleapis.com (or for googleapis.com in general).
Questions? Contact Us!