TeamViewer is designed to connect easily to remote computers without requiring special firewall configurations.
In most cases, TeamViewer will work if internet access is available. TeamViewer initiates outbound connections to the internet, which are typically allowed by firewalls. However, in environments with strict security policies (e.g., corporate networks), outbound connections may be restricted. In such cases, the firewall must be configured to allow TeamViewer traffic.
This article applies to all TeamViewer users.
TeamViewer attempts to establish outbound connections using the following ports, in order of preference:
Note: iOS and Android apps can use port 80 if necessary.
TeamViewer establishes outbound connections from both devices involved in a session. It does not require any inbound ports to be opened on firewalls.
In TeamViewer’s architecture, both devices initiate outbound connections to TeamViewer servers or directly to each other (peer-to-peer), depending on the network environment.
You may observe different ports being used in network monitoring tools. This is due to TeamViewer’s peer-to-peer fallback mechanism, which dynamically selects available ports for communication. These are still outbound connections.
TeamViewer connects to a global network of servers. These servers use dynamic IP ranges, so a fixed list cannot be provided. However, all TeamViewer IPs resolve to: *.teamviewer.com
You can use this for firewall or proxy filtering if needed. From a security perspective, blocking all inbound connections and allowing outbound connections on the required ports is sufficient.
Note: If you are unable to whitelist a wildcard, please ensure the following domains are allowed on port 443:
To ensure proper functionality of the TeamViewer interface (not needed for TeamViewer Classic), allow access to the following domains on port 443:
Note: If you are using TeamViewer SSO, you also need to whitelist your SSO login server.