When configuring your firewall to allow Box as a trusted source, please use the steps outlined below:

1. Use our site's domain names instead of a particular site IP address, as IP addresses can change frequently and without notice. Please configure hostnames to recognize any sub-domain of:

  • *.box.com
  • *.box.net
  • *.boxcdn.net
  • *.boxcloud.com
  • *.boxlocalhost.com
  • *.boxrelay.com

To make use of the integrated Excel Online Previewer, you must add the following specific hostnames: 

  • c1-excel-15.cdn.office.net
  • excel.officeapps.live.com
  • fs.microsoft.com
  • s1-excel-15.cdn.office.net

You can also go to Microsoft's page to review Office 365 URLs and IP address ranges.

 

To make use of the Google Captcha feature, you must add the following specific hostnames:

 

If you are unable to whitelist the sub-domains shown in the list above, please allow these specific hostnames

  • a.box.com
  • account.box.com
  • api.box.com
  • app.box.com
  • app.boxrelay.com
  • blog.box.com
  • cdn01.boxcdn.net - cdn20.boxcdn.net
  • community.box.com
  • developer.box.com
  • dl.boxcloud.com
  • dl2.boxcloud.com - dl20.boxcloud.com
  • docs.box.com
  • e3.boxcdn.net
  • edit.boxlocalhost.com
  • ent.box.com
  • m.box.com
  • notes.services.box.com
  • public.boxcloud.com
  • sso.services.box.net
  • status.box.com
  • support.box.com
  • upload.app.box.com
  • upload.box.com
  • upload.box.net
  • upload.ent.box.com
  • www.box.com
  • www.box.net
  • {yourcustomsubdomain}.account.box.com
  • {yourcustomsubdomain}.app.box.com
  • {yourcustomsubdomain}.box.com
  • {yourcustomsubdomain}.ent.box.com
  • 2.realtime.services.box.net

 

2. Enable HTTPS (port 443) for the domains above.

 

Due to the numerous firewalls available, we cannot provide specific instructions for each firewall beyond what is listed above. If you are using a firewall or proxy such as Websense, Blue Coat, and so on, please create a Box User Services case and request the additional hostnames that are used with Enterprise accounts.

 

Whitelisting for Box Zones

Box Zones may introduce additional IP address or sub-domains. If you have configured a firewall,
please contact Box User Services to get a list of Zone sub-domains that you can whitelist.

 

Configuring a Proxy for Box Drive

Box supports this server setting:

  • Proxy server with NTLMv1 or NTLMv2 authentication

Configuring a Proxy for Box Sync

Box supports these client settings:

  • Automatic Proxy Detection 
  • Proxy Auto-Configuration (PAC file)
  • Manual setting: Select Web Proxy (HTTP) and Secure Web Proxy (HTTPS) and enter the IP address or hostname for your proxy server

Box supports these server settings:

  • Proxy server without authentication
  • Proxy server with NTLMv1 or NTLMv2 authentication

Proxy exceptions:

  • Windows: The Windows API does not support local file path schema (file://C:\proxy.pac).  Box Sync works if the PAC file path starts with HTTP or HTTPS, but it doesn't work if the PAC file path is the local path. 

Configuring a Proxy for Box Edit

Box supports this server setting:

  • Proxy server with NTLMv1 or NTLMv2 authentication

Configuring a Proxy for Box for Office

Box supports this server setting:

  • Proxy server with NTLMv1 or NTLMv2 authentication

Configuring a Proxy for Box for Apple iWork

Box supports this server setting:

  • Configure Web proxy or firewall ports to allow all network traffic to Apple’s network 17.0.0.0/8.

Configuring a Proxy for Box Notes Desktop

Box supports these client settings:

  • Automatic Proxy Detection 
  • Proxy Auto-Configuration (PAC file)
  • Manual setting: Select Web Proxy (HTTP) and Secure Web Proxy (HTTPS) and enter the IP address or hostname for your proxy server

Box supports these server settings:

  • Proxy server without authentication
  • Proxy server with NTLMv1 or NTLMv2 authentication for Windows. Box Notes Desktop on Mac only supports NTLMv1. 

Proxy exceptions:

  • Windows: The Windows API does not support local file path schema (file://C:\proxy.pac).  Box Sync works if the PAC file path starts with HTTP or HTTPS, but it doesn't work if the PAC file path is the local path. 

Testing Connectivity to Box Domains

To test whether your browser can connect to various Box domains, go to our Connectivity Testing page. Each test image is hosted on a different Box URL.