Skip to main content

Overview

Barndoor uses a dedicated set of static IP addresses for all outbound MCP (Model Context Protocol) traffic to customer infrastructure. You can whitelist these IPs in your firewall to ensure only authenticated traffic from Barndoor reaches your environment.

Static IP Addresses

All outbound MCP traffic from Barndoor originates from the following IP addresses:
  • 34.72.226.97
  • 35.223.64.61
  • 34.121.81.24
  • 35.226.250.15
These IP addresses are stable and shared across all Barndoor customers. Third-party MCP servers (like Slack, Notion, or GitHub) do not route through these IPs.

Firewall Configuration

To whitelist Barndoor traffic in your firewall:
  1. Add inbound rules allowing traffic from the IP addresses listed above
  2. Configure the appropriate ports for your MCP server (typically HTTPS/443)
  3. Test the connection after updating your firewall rules

Example Firewall Rule

# Allow HTTPS traffic from Barndoor IPs
iptables -A INPUT -p tcp --dport 443 -s 34.72.226.97 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -s 35.223.64.61 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -s 34.121.81.24 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -s 35.226.250.15 -j ACCEPT

Regional Availability

Currently, all IPs are hosted in the United States. As Barndoor expands to additional regions, we will:
  • Add region-specific IPs to this documentation
  • Maintain high availability with automatic failover within the dedicated IP pool

IP Change Policy

Troubleshooting

If you’re experiencing connection issues after whitelisting:
  1. Verify the IP addresses are correctly entered in your firewall rules
  2. Check that the correct ports are open (typically 443 for HTTPS)
  3. Review firewall logs to confirm traffic from Barndoor IPs is being allowed
  4. Contact support if issues persist: [email protected]

Frequently Asked Questions

No. Third-party MCP servers (Slack, Notion, GitHub, etc.) do not route through Barndoor’s dedicated IP pool. Only custom MCP servers hosted in your own infrastructure require whitelisting.
Yes. These IPs are used by all Barndoor customers for outbound MCP traffic. Traffic is still authenticated and encrypted using your unique MCP server credentials.
Barndoor maintains high availability. If an IP becomes unavailable, traffic automatically fails over to another IP within the dedicated pool. No action is required from you.
IP whitelisting allows traffic from the Barndoor platform but doesn’t distinguish between individual users. For user-level access control, implement authentication at your MCP server level.

Need Help?

If you have questions about IP whitelisting or need assistance configuring your firewall, reach out to our support team at [email protected].