Mirror and MirrorTalk

Mirror Firewall Information: for IT administrators and Network Security teams

img (18).png

ver 1.7 (Aug 8, 2024)

 

Why it's important?

Firewalls and network filters can potentially restrict access to domains utilized by Mirror and its associated third-party services. The following guide has been crafted specifically for IT administrators and Network Security teams to aid in the proper configuration of firewall settings.

 

How to check if you need to contact your IT for help? 

Simply run network diagnostics on the Mirror Device to ensure access to the allowlist. Refer to the "Check Network" screen and click on the "Check Network" button for detailed instructions, as outlined in this article.

 

Screen-Recording-2024-06-24-at-1.gif

 

What needs to be whitelisted? 

We highly recommend permitting all subdomains of our mirrortalk.ai domain to guarantee seamless and uninterrupted access to all our services. One common method to achieve this is by incorporating a wildcard record, such as *.mirrortalk.ai, into your allowlist. By doing so, you will safeguard your setup against any future additions of new features that may be hosted on subdomains.

Kindly take note that Mirror necessitates access to TCP ports 80 (http) and 443 (https). Additionally, certain domains mandate access to the WSS protocol and time.android.com uses UDP port 123.

For your users to effectively utilize Mirror, they must have access to the listed domains:

Domain Wildcard Ports Protocol
mirrortalk.ai mirrortalk.ai TCP:443 HTTPS, WSS
cdn-ca-central-1.mirrortalk.ai *.mirrortalk.ai TCP:443 HTTPS
cdn-us-east-1.mirrortalk.ai   TCP:443 HTTPS
cdn-eu-west-2.mirrortalk.ai   TCP:443 HTTPS
cdn-eu-central-1.mirrortalk.ai   TCP:443 HTTPS
cdn-ap-southeast-1.mirrortalk.ai   TCP:443 HTTPS
cdn-ap-southeast-2.mirrortalk.ai   TCP:443 HTTPS
cdn-static.mirrortalk.ai   TCP:443 HTTPS
updates-cdn-us-east-1.mirrortalk.ai   TCP:443 HTTPS
swivlmirror-us-east-1.s3.amazonaws.com swivlmirror-us-east-1.s3.amazonaws.com TCP:443 HTTPS
swivlmirror-ca-central-1.s3.amazonaws.com swivlmirror-ca-central-1.s3.amazonaws.com TCP:443 HTTPS
swivlmirror-eu-west-2.s3.amazonaws.com swivlmirror-eu-west-2.s3.amazonaws.com TCP:443 HTTPS
swivlmirror-eu-central-1.s3.amazonaws.com swivlmirror-eu-central-1.s3.amazonaws.com TCP:443 HTTPS
swivlmirror-ap-southeast-1.s3.amazonaws.com swivlmirror-ap-southeast-1.s3.amazonaws.com TCP:443 HTTPS
swivlmirror-ap-southeast-2.s3.amazonaws.com swivlmirror-ap-southeast-2.s3.amazonaws.com TCP:443 HTTPS
foc-hw-logs.s3.amazonaws.com foc-hw-logs.s3.amazonaws.com TCP:443 HTTPS
dm-swivl.s3.amazonaws.com dm-swivl.s3.amazonaws.com TCP:443 HTTPS
cloud.swivl.com *.swivl.com TCP:443 HTTPS, WSS
dm.swivl.com   TCP:443 HTTPS, WSS
api.rollbar.com *.rollbar.com TCP:443 HTTPS
cdn.rollbar.com   TCP:443 HTTPS
cdn.segment.com *.segment.com TCP:443 HTTPS
api.segment.io   TCP:443 HTTPS
www.google-analytics.com *.google-analytics.com TCP:443 HTTPS
ssl.google-analytics.com   TCP:443 HTTPS
accounts.google.com accounts.google.com TCP:443 HTTPS
ssl.gstatic.com ssl.gstatic.com TCP:443 HTTPS
tagmanager.google.com tagmanager.google.com TCP:443 HTTPS
www.googletagmanager.com www.googletagmanager.com TCP:443 HTTPS
googletagmanager.com googletagmanager.com TCP:443 HTTPS
googleapis.com googleapis.com TCP:443 HTTPS, WSS
firebasecrashlyticssymbols.googleapis.com firebasecrashlyticssymbols.googleapis.com TCP:443 HTTPS
swivl.zendesk.com swivl.zendesk.com TCP:443 HTTPS, WSS
static.zdassets.com *.zdassets.com TCP:443 HTTPS
ekr.zdassets.com *.zdassets.com TCP:443 HTTPS
buttons.github.io buttons.github.io TCP:443 HTTPS
time.android.com time.android.com UDP:123 NTP

 

Important - Zoom also requires adjustments to your network firewall or proxy server. Visit this link for detailed instructions on how to configure these settings.

 

To ensure that you receive notification emails from Mirror successfully, please add the following addresses to your email allowlist:

Check Network at mirrortalk.ai

If you have whitelisted all the necessary domains outlined above and the connection issue persists, go to https://mirrortalk.ai/network-test and check network. 

Check network IT.gif

If there is an entry that has a red cross next to it, please contact support at support@swivl.com with the screenshot of this page and with details regarding the issue. 

Troubleshooting QR Code Login

If the QR code for login does not appear on your device, please ensure that the following domains are open for WebSockets (WSS protocol on port 443):

 

wss://mirrortalk.ai

wss://*.mirrortalk.ai

wss://cloud.swivl.com

 

If you still have any questions, please contact us at demo@swivl.com or support@swivl.com

 

Updated

Was this article helpful?

3 out of 3 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.