Allowlist requirements for IP addresses and URLs

Add the following IP addresses and URLS to the allowlist

IMPORTANT  Aside from the following IP addresses listed, additional IPs may be used to access various Amazon Web Services (AWS) infrastructure. The list gets updated as AWS makes changes. For more information, refer to AWS IP Address Ranges.

IMPORTANT  If your antivirus product has flagged the Datto RMM Agent installer as malicious, speak to your antivirus provider and request that they mark the installer as a false positive to allow it through.

IP addresses per platform (Inbound)

Concord (US East) Vidal (US East) NEW Zinfandel (US West) Merlot (EU) Pinotage (EU) Syrah (APAC)

15.197.219.241 NEW

3.212.135.46

3.214.218.15

3.225.100.60

3.33.215.54 NEW

34.194.150.48

34.195.169.6

34.197.246.173

34.224.132.33

34.226.13.192

35.153.96.73

44.196.147.108

44.199.24.116

52.2.62.118

52.202.196.195

52.23.104.21

52.4.97.130

52.44.145.56

52.45.55.143

52.5.251.79

52.6.151.191

52.7.200.96

52.7.54.43

52.71.59.169

54.164.96.143

54.165.240.214

54.165.85.82

54.172.198.183

54.172.8.243

54.173.70.131

54.225.244.30

54.227.227.71

54.88.212.141

54.88.94.23

23.22.202.6

3.211.115.95

3.220.155.148

3.222.64.18

3.227.56.89

34.193.53.123

34.232.189.146

34.237.171.187

35.174.97.178

44.196.50.36

44.199.36.241

52.0.158.138

52.0.206.196

52.206.34.175

54.237.52.130

15.197.238.235 NEW

3.33.246.235 NEW

34.210.221.105

35.164.164.104

44.228.215.246

44.229.43.198

44.237.20.207

44.239.113.157

52.10.187.64

52.11.249.126

52.11.96.162

52.26.220.111

52.27.100.233

54.149.146.68

54.186.19.220

54.200.154.205

54.201.132.105

54.201.158.254

54.201.174.248

54.201.211.18

54.213.162.73

54.213.57.149

54.214.186.160

13.248.183.85 NEW

34.249.56.200

34.249.66.145

34.250.95.109

34.252.248.172

34.253.21.48

34.253.45.80

52.213.142.143

54.170.197.44

54.194.100.128

54.194.153.16

54.194.17.228

54.194.217.74

54.194.218.239

54.194.242.0

54.194.245.26

54.194.25.164

54.194.42.15

54.194.50.12

54.194.54.213

54.194.55.167

54.194.59.222

54.194.70.100

54.194.73.199

54.194.74.127

54.194.87.166

54.216.209.93

54.77.66.30

76.223.59.231 NEW

35.71.166.34 NEW

52.16.135.243

52.16.171.246

52.16.199.216

52.16.205.224

52.16.45.168

52.17.157.63

52.17.242.187

52.17.35.190

52.212.124.100

52.223.27.83 NEW

52.31.177.46

52.31.57.249

54.154.110.190

54.154.110.191

54.154.123.55

54.154.190.153

54.154.76.59

54.171.164.97

54.171.166.217

54.217.76.61

54.72.80.221

54.73.173.11

54.74.189.187

54.77.108.71

54.77.122.85

54.77.247.84

54.77.69.163

54.206.20.221

54.206.24.91

54.206.60.138

54.206.73.160

54.252.198.125

54.79.127.79

54.79.25.73

54.79.44.13

75.2.121.116 NEW

99.83.196.254 NEW

IP addresses per platform (Outbound)

Add the following IP addresses to the allowlist for outbound communication if either of these scenarios apply to your Datto RMM account:

Concord (US East) Vidal (US East) NEW Zinfandel (US West) Merlot (EU) Pinotage (EU) Syrah (APAC)

54.90.30.238

18.210.141.219

34.206.106.100

52.72.137.122

107.22.0.143

34.231.104.171

34.232.253.178

52.33.150.151

44.237.4.153

52.41.95.147

18.202.215.160

3.251.48.174

52.31.46.222 NEW

52.210.155.229

52.212.169.223

54.155.36.8

3.104.103.44

52.62.188.240

IP addresses for the tunnel server grid

US East (N. Virginia) US East (Ohio) US West (Oregon) Africa (Cape Town) Asia Pacific (Seoul) Asia Pacific (Sydney) Canada (Central) Europe (Frankfurt) Europe (Ireland) Europe (Milan) Middle East (Bahrain)

3.95.35.79

3.211.80.125

3.234.81.179

34.206.178.102

34.227.128.69

34.234.179.56

35.168.26.58

35.170.148.86

52.20.64.236

52.22.230.203

54.164.228.61

54.172.132.152

54.172.136.43

3.12.86.201

3.15.88.159

3.22.184.51

3.130.122.108

3.138.166.208

3.142.203.40

18.119.50.31

13.52.116.82

44.237.246.246

34.208.24.64

44.226.41.206

52.9.238.130

54.71.45.244

54.187.170.202

54.188.40.205

54.190.114.117

54.200.178.30

 

13.245.61.188

13.245.244.6

3.39.158.124

15.164.1.105

15.164.247.44

43.200.96.253

3.24.51.183

3.105.171.124

3.106.51.250

13.54.116.244

13.55.143.125

13.238.236.228

52.62.24.125

52.62.172.85

54.79.75.129

54.252.172.242

3.98.60.106

15.222.111.106

35.183.237.95

3.74.13.184

3.123.193.160

18.157.202.135

18.185.3.89

18.198.200.249

18.198.217.209

34.249.11.108

34.249.107.133

34.252.65.215

34.253.141.153

34.254.83.6

34.255.142.98

52.28.142.189

52.28.143.32

52.29.179.182

52.49.60.117

54.72.228.106

54.93.63.109

54.93.70.139

54.246.118.170

63.33.39.246

63.35.143.99

99.81.143.245

108.128.200.66

15.160.37.74

15.161.26.111

18.102.39.74

15.185.79.35

157.175.9.72

URLs

In addition to IP addresses, some firewalls, proxies, or security appliances may require access to the URL of the service as well as the IP address.

If you are using a proxy or security appliance, we recommend that you add the centrastage.net and the rmm.datto.com domains to the allowlist in their entirety if possible or, at a minimum, ensure that the relevant URLs to your platform are added to the allowlist.

Platform Service URLs TCP Port Direction
EU (Pinotage) Web Service https://01ws.centrastage.net
https://agent-gateway.pinotage.rmm.datto.com/
https://pinotage-agent.centrastage.net
https://pinotage-audit.centrastage.net
https://pinotage-monitoring.centrastage.net
https://pinotage-agent-notifications.centrastage.net
https://pinotage-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://pinotage.centrastage.net
https://pinotage-realtime.centrastage.net
https://pinotage.rmm.datto.com
https://pinotagermm.centrastage.net
Control Channel 01cc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt.centrastage.net
https://cpt.centrastage.net.s3.amazonaws.com
EU (Merlot) Web Service https://02ws.centrastage.net
https://agent-gateway.merlot.rmm.datto.com/
https://merlot-agent.centrastage.net
https://merlot-audit.centrastage.net
https://merlot-monitoring.centrastage.net
https://merlot-agent-notifications.centrastage.net
https://merlot-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update-merlot.centrastage.net
https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://merlot.centrastage.net
https://merlot-realtime.centrastage.net
https://merlot.rmm.datto.com
https://merlotrmm.centrastage.net
Control Channel 02cc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt-merlot.centrastage.net
https://cpt-merlot.centrastage.net.s3.amazonaws.com
US East (Concord) Web Service https://01concordws.centrastage.net
https://agent-gateway.concord.rmm.datto.com/
https://concord-agent.centrastage.net
https://concord-audit.centrastage.net
https://concord-monitoring.centrastage.net
https://concord-agent-notifications.centrastage.net
https://concord-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update-concord.centrastage.net
https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://concord.centrastage.net
https://concord-realtime.centrastage.net
https://concord.rmm.datto.com
https://concordrmm.centrastage.net
Control Channel concordcc.centrastage.net
01concordcc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt-concord.centrastage.net
https://cpt-concord.centrastage.net.s3.amazonaws.com
https://s3.amazonaws.com/cpt-concord.centrastage.net
US East (Vidal) NEW Web Service https://01vidalws.centrastage.net
https://agent-gateway.vidal.rmm.datto.com/
https://vidal-agent.centrastage.net
https://vidal-audit.centrastage.net
https://vidal-monitoring.centrastage.net
https://vidal-agent-notifications.centrastage.net
https://vidal-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update-vidal.centrastage.net
https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://vidal.centrastage.net
https://vidal-realtime.centrastage.net
https://vidal.rmm.datto.com
https://vidalrmm.centrastage.net
Control Channel vidalcc.centrastage.net
01vidalcc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt-vidal.centrastage.net
https://cpt-vidal.centrastage.net.s3.amazonaws.com
https://s3.amazonaws.com/cpt-vidal.centrastage.net
US West (Zinfandel) Web Service https://03ws.centrastage.net
https://agent-gateway.zinfandel.rmm.datto.com/
https://zinfandel-agent.centrastage.net
https://zinfandel-audit.centrastage.net
https://zinfandel-monitoring.centrastage.net
https://zinfandel-agent-notifications.centrastage.net
https://zinfandel-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update-zinfandel.centrastage.net
https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://zinfandel.centrastage.net
https://zinfandel-realtime.centrastage.net
https://zinfandel.rmm.datto.com
https://zinfandelrmm.centrastage.net
Control Channel 03cc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt-zinfandel.centrastage.net
https://cpt-zinfandel.centrastage.net.s3.amazonaws.com
APAC (Syrah) Web Service https://agent-gateway.syrah.rmm.datto.com/
https://syrahws.centrastage.net
https://syrah-agent.centrastage.net
https://syrah-audit.centrastage.net
https://syrah-monitoring.centrastage.net
https://syrah-agent-notifications.centrastage.net
https://syrah-agent-comms.centrastage.net
HTTPS / 443 Outbound
Agent Updates https://update-syrah.centrastage.net
https://update.centrastage.net
https://storage.rmm.datto.com
https://download.visualstudio.microsoft.com
Web Interface https://syrah.centrastage.net
https://syrah-realtime.centrastage.net
https://syrah.rmm.datto.com
https://syrahrmm.centrastage.net
Control Channel syrahcc.centrastage.net
01syrahcc.centrastage.net
Tunnel Server ts.centrastage.net
Component Library https://cpt-syrah.centrastage.net
https://cpt-syrah.centrastage.net.s3.amazonaws.com

ComStore component and Software Management URLs

If you are downloading and running components from the ComStore, we recommend that you add storage.centrastage.net and storage.rmm.datto.com to the allowlist. Additionally, if you use any of the following software applications either as a ComStore component or via Software Management, make sure to add the relevant URL(s) to the allowlist:

Software Operating System URL
7-Zip Windows https://www.7-zip.org
Adobe Acrobat Reader DC Windows, macOS https://ardownload2.adobe.com
Bitdefender Endpoint Security Tools Windows http://download.bitdefender.com and
https://cloudgz.gravityzone.bitdefender.com
BitDefender GravityZone - Deployment/Management Windows, macOS, Linux http://download.bitdefender.com
Citrix Workspace Windows, macOS https://downloads.citrix.com
Deploy F-Secure Computer Protection Windows https://download.sp.f-secure.com
ESET Direct Endpoint Management - Deployment Windows, macOS https://update.esetusa.com
FileZilla Client Windows https://filezilla-project.org
Foxit Reader Windows https://www.foxitsoftware.com
Google Chrome Windows, macOS http://dl.google.com
Huntress Agent Deployment Windows https://huntress.io
Java Runtime Environment 8 (latest update) Windows https://javadl.oracle.com and
https://sdlc-esd.oracle.com
Liongard Roar Agent Windows https://agents.static.liongard.com
Microsoft Office 365 (Current and Semi-Annual Channels) Windows http://dl.delivery.mp.microsoft.com and
https://download.microsoft.com
https://clients.config.office.net
Microsoft Teams Windows https://aka.ms and
https://teams.microsoft.com
Mozilla Firefox Windows, macOS https://download.mozilla.org
Mozilla Thunderbird Windows, macOS https://download.mozilla.org and
https://download-installer.cdn.mozilla.net
Notepad++ Windows https://notepad-plus-plus.org
Paint.NET x86/x64 Windows https://www.dotpdn.com
PuTTY Windows https://the.earth.li (official mirror)
Skype Windows, macOS https://get.skype.com
Trend Micro Worry-Free Services - Deployment Windows https://wfbs-svc-nabu-aal.trendmicro.com or
https://wfbs-svc-emea-aal.trendmicro.com
(depending on geographical region)
VLC Media Player Windows https://www.mirrorservice.org
https://download.videolan.org
VMWare Tools Windows https://packages.vmware.com
Webroot SecureAnywhere Endpoint Protection Windows https://anywhere.webrootcloudav.com
Windows 10 Upgrade - Professional x86/x64 Windows http://dl.delivery.mp.microsoft.com and
https://download.microsoft.com
Zoom Windows, macOS https://www.zoom.us
https://cdn.zoom.us