Covers Citrix SaaS products involving our servers as of August 2016
ShareConnect is configured to work outbound through ports 8200, 80 or 443.
In a restricted environment, port 8200 can be set up for outbound connections. ShareConnect does not require any inbound connections. Connections outbound via port 8200 are optimal, although connections through ports 80 and 443 can also be used.
For most firewall or proxy systems, we recommend specifying a whitelist of DNS addresses for Citrix services so outbound connections can be made. The list of Citrix domains ShareConnect utilizes includes (but is not limited to) the following:
*.citrixonline.com |
*.expertcity.com |
*.citrixonlinecdn.com |
*.shareconnect.com |
*.sf-api.com |
*.sf-api.eu |
*.sharefile.com |
*.sharefile.eu |
*.sharefileftp.com |
*.sharefile-webdav.com |
Important Note: Changes to the firewall configuration are generally discouraged because our IP ranges and those of our provider networks need to be periodically audited and modified, creating additional maintenance to your network. These changes are necessary to continue to provide the maximum performance for ShareConnect.
If your firewall includes a content or application data scanning filter, this may cause blocking or latency, which would be indicated in the log files for the filter. To address this problem, verify the below IP ranges will not be scanned or filtered by specifying exception IP ranges that will not be filtered. If your security policy requires you to specify explicit IP ranges, then configure your firewall to limit port 8200 or 80 or 443 and IP addresses to only the Citrix ranges and those of our provider networks given below.
Citrix server / Datacenter IP addresses for use in firewall configurations
Equivalent specifications in 3 common formats |
Citrix Assigned
Range by Block |
Numeric IP
Address Range |
Netmask Notation |
CIDR Notation |
Block 1 |
78.108.112.0 – 78.108.127.255 |
78.108.112.0 255.255.240.0 |
78.108.112.0/20 |
Block 2 |
173.199.0.0 – 173.199.63.255 |
173.199.0.0 255.255.192.0 |
173.199.0.0/18 |
Citrix scales its services into third-party cloud and carrier networks for improved performance. This comes in the form of shorter software download times and Datacenters geographically closer to more regions for better in session performance.
To explicitly whitelist IP addresses in order to ensure that the ShareConnect software may download properly, please refer to:
IP ranges for the content delivery network (CDN)
To explicitly whitelist the IP Addresses for ShareConnect in-session communications, please refer to:
IP ranges for software communications
For your convenience, we have included a list of IP addresses for Datacenters in use by ShareConnect. Please note that new Datacenters may be added or existing Datacenters may be removed dynamically to ensure performance. While we strive to keep this documentation up to date, if it is critical to have all potential IP addresses explicitly whitelisted it is recommended that you whitelist the IP addresses linked above for screen sharing.
Citrix server / Datacenter IP addresses for use in firewall configurations
ShareConnect Software Communications |
Domain Name |
Numeric IP
Address |
34-206-78-3-live.shareconnect.com |
34.206.78.3 |
52-35-103-173-live.shareconnect.com |
52.35.103.173 |
52-41-244-85-live.shareconnect.com |
52.41.244.85 |
52-6-115-161-live.shareconnect.com |
52.6.115.16 |
152-87-54-17-live.shareconnect.com |
52.87.54.17 |
poll.shareconnect.com |
34.194.200.52 |
app.shareconnect.com |
34.224.129.162 |
Related: