(WSS) How do I make TeamViewer software work through the cloud service?


Article ID: 169221


Updated On:


Web Security Service - WSS


According to this article from TeamViewer website, there are three TCP ports (5938 and 443, 80) used by TeamViewer's latest software.

According to the following link, the TeamViewer software makes connections to their master servers located around the world. These servers use a number of different IP address ranges, which are also frequently changing. As such, we are unable to provide a list of our server IPs. However, all of our IP addresses have PTR records that resolve to *.teamviewer.com. You can use this to restrict the destination IP addresses that you allow through your firewall or proxy server.


TeamViewer traffic is not web traffic, and thus not seen HTTP/HTTPS traffic by the WSS.


For TeamViewer to work on explicit PAC environment, allow any of these three ports and/or the IP address range at the firewall. TeamViewer traffic is not web traffic and it is not supported through WSS with the Explicit Proxy access method.

Although TeamViewer might use IE browser setting to send traffic to the WSS data center, this traffic is not seen as web traffic by the WSS and it might or not work. You can work-around by adding the destination URL and IP addresses to the Trusted Destination list on the portal. This disables the protocol detection (and virus/malware scanning) for these destinations because it is non-HTTP and non-SSL, but this is only best effort. You must follow and update the list if TeamViewer decides to change its URL and IP ranges. This is outside scope of work of Blue Coat Support.

Be advised: This might open a possibility of virus/malware infection from these destinations. You must select to accept the risk associated with this method.