In order to access the PDQ Connect web app and allow the PDQ Connect Agent to communicate with PDQ Connect, the following network requirements must be met.
PDQ Connect Web App
To access the Connect web app, your firewall must be configured to allow browsers in your environment to reach this URL:
- https://app.pdq.com
PDQ Connect Agent
Outbound Traffic: All outbound traffic from the PDQ Connect Agent to the PDQ servers goes through port 443, using the WebSocket protocol over HTTPS (WSS).
URL Allow List:
Allow the following URLs through your firewall:
- https://connect.e9d69694c3d8f7465fd531512c22bd0f.r2.cloudflarestorage.com
- https://connect-package-library.e9d69694c3d8f7465fd531512c22bd0f.r2.cloudflarestorage.com
- https://cfcdn.pdq.com/
- https://app.pdq.com/
- https://websocket.app.pdq.com/ (websocket URL)
IP Address allow list:
PDQ's services are primarily hosted on Cloudflare. You can view Cloudfire's IP ranges here for reference, but it is not necessary or recommended to allow-list these IPs, since your specific destination IP may vary by geographical and network connection/ISP location.
If your Connect agents are experiencing difficulties connecting to our websocket URL above, you may allow-list these IPs for that specific destination:
- 34.128.163.126:443
- [2600:1901:0:181b::]:443
- 34.54.45.198:443
- [2600:1901:0:7cca::]:443
Remote desktop:
Allow outbound TCP connection to *.islonline.net on Port 7615.
Pre-built packages: The PDQ Connect Agent will download the installers from the application vendor directly. Most application installers will download over HTTPS, port 443, but some may download over HTTP, port 80. This is dependent on the how the software vendor has made the download available. In all cases, we check the file's hash to verify that the file was not tampered with. Additional files included in pre-built packages will be downloaded from the Cloudflare servers.
Custom packages: The PDQ Connect Agent will download the install file and additional files from the Cloudflare servers.