Ports and URLs used by TeamViewer
Peer-to-Peer connections
You may observe different ports being used in network monitoring tools. This is due to TeamViewer’s peer-to-peer fallback mechanism, which dynamically selects available ports for communication. These are still outbound connections.
Destination IP Addresses
TeamViewer connects to a global network of servers. These servers use dynamic IP ranges, so a fixed list cannot be provided. However, all TeamViewer IPs resolve to: *.teamviewer.com
You can use this for firewall or proxy filtering if needed. From a security perspective, blocking all inbound connections and allowing outbound connections on the required ports is sufficient.
Note: If you are unable to whitelist a wildcard, please ensure the following domains are allowed on port 443:
configdl.teamviewer.com – Required for downloading configuration and customization data.
webapi.teamviewer.com – Required for account assignment and API-based services.
Required URLs
To ensure proper functionality of the TeamViewer interface (not needed for TeamViewer Classic), allow access to the following domains on port 443:
www.recaptcha.net – Required for reCAPTCHA verification
www.gstatic.com – Used alongside reCAPTCHA
cdn.cookielaw.org – Required for the cookie banner
Note: If you are using TeamViewer SSO, you also need to whitelist your SSO login server.