The way you connect to Salesforce significantly impacts your users' experience, including page load speed, login reliability, and API call success rates. This article explains the key network components used in enterprise Salesforce deployments and how to ensure each is configured correctly.
Note: The definitions and requirements below are intended to help customers resolve issues within their own network setup. Salesforce Support can help isolate client-side network issues but cannot assist with configuration, implementation, or testing of Security Software, VPNs, Proxies, or Firewalls.
If your organization has an IT or Networking team, it is likely that users connect to Salesforce through one of the methods described below.
Ensure all layers of your network are configured to allow the required Salesforce domains and IP addresses. You may also need to work with third-party vendors to ensure their domains and IPs are permitted.
For Hyperforce deployments, see Retain Uninterrupted Access to Salesforce Services on Hyperforce. A list of Hyperforce IP ranges is available on the Salesforce Compliance site.
Note: Salesforce does not block IP addresses and cannot allowlist client-side or third-party IP addresses.
A proxy server acts as an intermediary between a user's device and the internet. Customers commonly use proxies to mask network activity or to balance load across multiple servers. If your organization uses a proxy, ensure that Salesforce domains and IP addresses are explicitly permitted through the proxy configuration.
Example: If users in a specific office cannot load Salesforce pages but other websites load normally, the office proxy may be blocking Salesforce traffic. Check proxy allow rules for *.salesforce.com and *.force.com.
A firewall protects your organization and its users from security threats by filtering inbound and outbound network traffic. Firewalls can be configured to be more strict or more permissive. If Salesforce traffic is being blocked, ensure that firewall rules allow outbound connections to all required Salesforce IP ranges and domains.
DNS resolves domain names (such as mycompany.my.salesforce.com) to IP addresses. If DNS is misconfigured, users may receive NXDOMAIN errors or be routed to the wrong server. Always ensure your DNS settings include the correct Salesforce IP ranges, especially after org migrations or Hyperforce transitions.
A VPN creates an encrypted connection between a device and the internet. VPNs are one of the most common methods Salesforce customers use to secure remote access. However, VPN configurations can restrict or slow Salesforce traffic if Salesforce domains are not added to VPN allowlists or split-tunnel configurations.
Example: If multiple users in the same office experience Salesforce slowness while connected to the corporate VPN, but users connecting from home without the VPN have no issues, the VPN configuration is likely restricting Salesforce traffic. Ask your IT team to verify that Salesforce domains are permitted through the VPN.
A Content Delivery Network (CDN) is a group of distributed servers used to accelerate and protect data transfer. Salesforce uses a CDN to improve performance and reliability for Experience Cloud (Community) sites. If your organization uses a client-side CDN, ensure it is configured to allow Salesforce content.
The following are common network-related patterns that Salesforce Support encounters:
Before opening a case, gather the following information:
000389186

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.