- 15 Aug 2025
- 2 Minuten zu lesen
- Drucken
- DunkelLicht
- pdf
ScreenMeet Enterprise Deployment Guide
- Aktualisiert am 15 Aug 2025
- 2 Minuten zu lesen
- Drucken
- DunkelLicht
- pdf
Introduction
This guide provides post–InfoSec approval configuration requirements and best practices for enterprise networking and IT teams to ensure optimal ScreenMeet performance and reliability.
Outbound Allowlist
Port | Protocol | FQDN | Purpose |
---|---|---|---|
443 | TCP | *.screenmeet.com | HTTPS API, WSS, TURN/STUN over TLS |
443 | UDP | *.screenmeet.com | WebRTC media (preferred) |
443 | TCP | *.scrn.mt | Short hostnames where applicable |
When to Use IP/CIDR
Your firewall cannot enforce UDP/TCP rules by FQDN.
You require static inbound allowlists for CRM/webhook integrations.
Temporary troubleshooting when DNS resolution is blocked or altered.
Optional Static IP Reference
Click to view Static IP list
Port | Protocol | Hostname | IP | Region | Env |
---|---|---|---|---|---|
443 | UDP | *.screenmeet.com | 13.248.173.33 | us-west-2 | prod |
443 | UDP | *.screenmeet.com | 76.223.44.10 | us-west-2 | prod |
443 | TCP | *.screenmeet.com | 13.248.157.15 | us-east-2 | prod |
443 | TCP | *.screenmeet.com | 76.223.24.3 | us-east-2 | prod |
443 | UDP/TCP | *.screenmeet.com | 13.248.182.10 | eu-west-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 76.223.49.44 | eu-west-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 13.248.193.55 | ap-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 76.223.1.26 | ap-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 13.248.164.27 | ap-northeast-2 | prod |
443 | UDP/TCP | *.screenmeet.com | 76.223.61.40 | ap-northeast-2 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.104.21 | ap-northeast-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.194.6 | ap-northeast-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.88.60 | ap-southeast-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.179.35 | ap-southeast-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.99.59 | ap-southeast-2 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.162.42 | ap-southeast-2 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.95.59 | ap-south-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.171.51 | ap-south-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.88.11 | eu-central-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.157.5 | eu-central-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 75.2.122.59 | sa-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 99.83.161.30 | sa-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 13.248.160.23 | us-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 76.223.33.31 | us-east-1 | prod |
443 | UDP/TCP | *.screenmeet.com | 15.197.215.28 | multi | prod-proxy |
443 | UDP/TCP | *.screenmeet.com | 3.33.194.1 | multi | prod-proxy |
Optional Egress IP Reference (API Calls)
If you enforce IP range restrictions, whitelist these ScreenMeet egress IPs for outbound calls to platforms such as Salesforce REST API.
Click to view Egress IP list
IP | Region | Environment |
---|---|---|
52.199.226.147 | ap-northeast-1 | Prod |
18.162.119.69 | ap-east-1 | Prod |
18.189.102.45 | us-east-2 | Prod |
54.203.112.48 | us-west-2 | Prod |
35.175.79.220 | us-east-1 | Prod |
13.233.63.88 | ap-south-1 | Prod |
18.136.32.15 | ap-southeast-1 | Prod |
13.237.249.155 | ap-southeast-2 | Prod |
13.209.37.67 | ap-northeast-2 | Prod |
18.197.215.150 | eu-central-1 | Prod |
18.202.156.6 | eu-west-1 | Prod |
18.228.167.44 | sa-east-1 | Prod |
3.98.107.181 | ca-central-1 | Prod (Coming soon...) |
16.170.26.79 | ue-north-1 | Prod (Coming soon...) |
18.101.72.0 | eu-south-2 | Prod (Coming soon...) |
51.112.81.246 | me-central-1 | Prod (Coming soon...) |
Testing Connectivity (WebRTC Test Tool)
Use the WebRTC Test Tool to validate UDP reachability, STUN/TURN operation, and media paths. Link: WebRTC Test Tool.
How to Interpret Results
Click to view WebRTC interpretation guide
Candidate types: host and srflx are direct paths; relay uses TURN. Relay-only is OK but indicates stricter NAT/proxy.
Protocol: UDP preferred for media. TCP-only suggests HTTP proxy or UDP 443 blocked.
TLS inspection: Cert/pinning errors imply SSL interception. Exempt
*.screenmeet.com
and*.scrn.mt
.Throughput targets: ≥500 kbps per stream is adequate for control and typical sharing. More is required for HD video.
IPv6: Missing IPv6 candidates is normal in IPv4-only networks.
Sample outcome mapping
UDP enabled: Relay candidate gathered via
turn.screenmeet.com:443
and succeeded → UDP path reachable through TURN.TLS enabled: Data transmitted successfully over TURN/TLS → TLS pass-through works; no interception errors observed.
Relay connectivity: Multiple relay UDP candidates succeeded → TURN available; expect stable media even with strict NAT.
Reflexive connectivity: srflx gathered but connect failed → symmetric NAT or firewall blocking direct UDP; rely on TURN.
Host connectivity: Succeeded → local path OK; not used across WAN.
Data throughput: ~508–541 kbps sustained, ~2.65 Mbit in ~5 s → sufficient for remote control and standard sharing.
Video bandwidth: Failed due to 0 fps camera → device permission/driver issue, not a network fault.
Only applicable for ScreenMeet Live.
If results show “relay-only”
Allow UDP 443 to
*.screenmeet.com
by FQDN.Bypass HTTP forward proxy for ScreenMeet domains.
Enable VPN split-tunnel for ScreenMeet traffic.
If you see certificate or pinning errors
Disable TLS inspection for *.screenmeet.com
and *.scrn.mt
. Beam unattended access will not connect if interception is active.
Configuration Best Practices
Proxies: Bypass HTTP forward proxies for
*.screenmeet.com
to avoid WebSocket fallback to TCP and performance degradation.VPN: Use split tunneling to send ScreenMeet traffic directly to the internet, avoiding hair-pinning and sub-optimal server selection.
TLS Inspection: Disable TLS decryption for
*.screenmeet.com
. Required for Beam unattended access.Firewalls: Allow UDP and TCP on port 443 to the FQDNs above. IPv4 only.
Endpoint Security Exceptions
Windows:
ScreenMeetSupport.exe
,webrtcnative-x64.dll
macOS:
ScreenMeetSupport.app
macOS Permissions Deployment
Required entitlements: Screen Recording, Accessibility.
Grant via MDM profile for silent deployment.
Integration & Egress Requirements
Outbound API/webhook calls originate from documented Egress IP ranges.
CRM integrations may require inbound API whitelisting for those IPs.
Troubleshooting Checklist
Verify firewall allows UDP and TCP 443 to
*.screenmeet.com
and*.scrn.mt
.Confirm VPN split-tunneling is active.
Ensure TLS inspection exceptions are in place.
Check endpoint security software whitelists required binaries.
Run the WebRTC Test Tool and expand the interpretation guide above.
Operational Notes
ScreenMeet supports IPv4 only.