Gateway Network Configuration

The Keeper Gateway establishes outbound-only connections and does not require any inbound firewall rules. The following outbound connections must be allowed:

Destination Endpoint

Ports Needed

More Info

Keeper Cloud keepersecurity.[x]

Endpoints:

US: .com

EU: .eu

AU: .com.au

JP: .jp

CA: .ca

US_GOV: .us

TLS Port 443

Communicates with Keeper Cloud to access target infrastructure via native protocols (e.g., SSH, RDP)

Keeper Router connect.keepersecurity.[x]

Endpoints:

US: .com

EU: .eu

AU: .com.au

JP: .jp

CA: .ca

US_GOV: .us

TLS Port 443

Communicates with Keeper Router to establish secure, real-time WebSocket connections

Keeper Stun/Turn Service

krelay.keepersecurity.[x]

Endpoints:

US: .com

EU: .eu

AU: .com.au

JP: .jp

CA: .ca

US_GOV: .us

TCP and UDP opened on Port 3478 Outbound access to TCP and UDP ports 49152 through 65535

Facilitates secure and encrypted WebRTC connections between end-user's vault and target systems via the Gateway

The Gateway preserves zero knowledge by performing all encryption and decryption of data locally. Keeper Secrets Manager APIs are used to communicate with the Keeper cloud.

PreviousSetting up WinRM NextSetting up SQL Server

Last updated 8 months ago

Was this helpful?