Security Software & Firewall Settings

There are two different scenarios where you might need to adjust settings on your firewall. One is for the inbound traffic to your ticket system, if your ticket system is hosted onsite. And the other is for outbound traffic coming from the button software on your client’s PC

Inbound Ticket System Settings

In order to put tickets into your ticket system, our servers must communicate to your ticket system API. If you are using a Cloud-Hosted ticket ticket system, then there is probably nothing you need to do outside of what is listed your specific integration guide, but if you have a self-hosted ticket system, then you will need to set up port forwarding and firewall rules to expose your API to the internet. It’s always a good security practice to apply the “Principle Of Least Privilege” and only allow those IPs which need to communicate with your API to have access to it through your firewall. For that reason, we send out all of our API requests through one of two two specific static IP addresses. They are as follows:


If you whitelist those two IPs in your firewall, then you should be good to go for our inbound API requests to your ticket system.

Outbound Client Software Settings

In order for the client software to function, it makes outbound TCP connections to various servers. Many of these are servers which are edge optimized and therefore have multiple IP addresses per region, so make sure not to just whitelist the IP for the server because this changes based on region and server load. You must whitelist the hostname.

Role Hostname Port(s)
getconf, submit basic ticket data 443
If not self-hosting; our gatekeeper 443
Plugins (Auto update, T2terminal) 443
upload diagnostic data/Images 443
request slot for TechConnect 443
establish TechConnect session 2001-2500

Anti-Virus and AntiMalware Compatibility

It is not always necessary, but we recommend whitelisting the Tier2Tickets installation folder (C:\Program Files(x86)\Tier2Tickets). We regularly submit our code through VirusTotal to make sure we are not getting flagged, but almost all AV/M interactions cause some sort of failure. Webroot in particular can cause issues with screenshots.


AdGuard seems to block the JavaScript that populates the Press View Reports.


Webroot will blank most programs from taking screenshots. Here is thier documentation on how to allow a program to take screenshots..

It may be necessary to allow applications to take screenshots without confirmation if you recieve popups about allowing screenshots.

../../../_images/1-webroot.png ../../../_images/2-webroot.png ../../../_images/3-webroot.png