Knowledge Base

Port and URL information for when firewall or VPN is blocking access

Created: March 25, 2021 | Updated: March 5, 2022

I can't get the system running while connected to VPN. As soon as I disconnect form VPN, Altium starts running.

Starting in Version: 18.0
Up to Version: Current

Solution Details

Sometimes when connected to a VPN, data traffic intended to go to an internet location will try to access the internet through the VPN rather than your local internet provider. When this happens, the traffic is subject to the rules and filters of the VPN. It sounds like your IT support needs to unblock some traffic. Give them this information and see if they can make a change for you.
 
If your local area network is "hardened" (made more secure than default) it may be necessary to have your IT department open some ports and white list some website addresses to allow proper communications for the online installer, database connectivity, parts and supplier information, etc.
 
These three addresses need to be unblocked to use the online installer and sign in: 
http://appregistry.live.altium.com 
http://vaultinstallation.live.altium.com 
http://vaultinstall.altium.com 
https//prd-v3.altium.com

And these for updates:
"vaultinstall.altium.com", "appregistry.live.altium.com", "vaultinstallation.live.altium.com", "install.altium.com", "installation.altium.com "
 
 
To download and run Altium Designer, In addition to disabling heuristic scanning for your Antivirus, you may need to have the following ports configured (unblocked) in Windows or your network software / hardware firewall: 
 
- Internet Ports:
     (http):
80
9495 (used by Content Cart)
9880 (used for HTTP and SOAP requests)
9843 is used for encrypted authentication with SSH.
     (https/SSL):
443 (Used by Altium Designer client, Altium License Manager and the AltiumVaults).
 
- VPN Ports: 1194 and 1723 (Used by Virtual Private Network software and relates to users trying to connect to their company network server over a VPN connection from a remote (off site) location.
 
- Network ports: 
TCP 9780 and 9785 (Used for communications between the Altium Infrastructure Server License manger and the client software)
TCP 21001 and UDP 20001 & 20002 (Used for the Legacy Altium Private Server License manager)
HTTP Port - 9780
HTTPS Port - 9785
Synchronization Service Port - 9791
LDAP Service Port - 9790
Websocket Port - 4649
Firebird Server Port - 3050
SVN Port - 3690
 
 
- Http addresses that may need to be unblocked: *.altium.*, *.compute-1.amazonaws.com, *.cloudfront.net, *.marketo.*, OctoPart.com
For example: (http://installation.altium.com), (http://activation.altium.com), (https://workspaces.altium.com) (portal2.altium.com), (portal2.altium.eu), (portal2.altium.com.cn) , (portal1.altium.com), (portal1.altium.eu), (portal1.altium.com.cn), (Portal365.Altium.com), (*.api.altium.com), (payments.altium.com), (firmware.altium.com), (live.altium.com), (blog.live.altium.com)
 
For  Techdocs (also Key "F1") in Altium client: "techdocs.altium.com", "altium.com/documentation"", "munchkin.marketo.net", "app-sjf.marketo.com", "google-analytics.com", "tag.bounceexchange.com", "api.bounceexchange.com", "googletagmanager.com", "googleadservices.com", "a.adroll.com", "*.mktoresp.com" and "connect.facebook.net"
 
If you are running a Proxy server for network access, this documentation has information to support the use of a Proxy Server with an on-site managed content server:
https://www.altium.com/documentation/altium-concord-pro/support-proxy-server
 
- Supplier Searches / Content Vault Part choices:
For communication between Altium Designer or an on-site managed content server and Ciiva,  verify that the following sites/ports are allowed:
 
api.ciiva.com:443 (https port)
api3.ciiva.com:443
ciiva.com:443 
94.23.166.79:443 (https port)
vault.live.altium.com (http port)
partcatalog.altium.com
http://partcatalog.webservice.altium.com
s3.amazonaws.com
107.22.237.23 (http port)
23.23.115.137 (http port)
52.200.159.141 (http port)
 
Use Supplier Search up to Vault 2.6.7 (if supplier is activated): "services.digikey.com", "media.digikey.com", "alliedelec.com", "api.arrow.com", "mouser.com", "webservices-rs.com", "newark.com", "api.tme.eu" and "uk.farnell.com"
 
CIIVA: "ciiva.com", "api.ciiva.com" and api3.ciiva.com (HINT: If the Extension is installed AD tries to connect to ciiva during the AD start. So AD could crash if the security settings deny access.)
Was this article helpful?
0
0
Found an issue with this document? Highlight the area, then use Ctrl+Enter to report it.

Contact Us

Contact our corporate or local offices directly.

Contact Us Now
We're sorry to hear the article wasn't helpful to you.
Could you take a moment to tell us why?
200 characters remaining
You are reporting an issue with the following selected text
and/or image within the active document: