> ## Documentation Index
> Fetch the complete documentation index at: https://docs.barndoor.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# IP Whitelisting

> Configure your firewall to allow Barndoor MCP traffic

## Overview

Barndoor uses a dedicated set of static IP addresses for all outbound MCP (Model Context Protocol) traffic to customer infrastructure. You can whitelist these IPs in your firewall to ensure only authenticated traffic from Barndoor reaches your environment.

## Static IP Addresses

All outbound MCP traffic from Barndoor originates from the following IP addresses:

* `136.114.185.55`
* `34.121.81.24`
* `34.172.10.253`
* `35.226.250.15`
* `35.188.204.49`

<Note>
  These IP addresses are stable and shared across all Barndoor customers. Third-party MCP servers (like Slack, Notion, or GitHub) do not route through these IPs.
</Note>

## Firewall Configuration

To whitelist Barndoor traffic in your firewall:

1. **Add inbound rules** allowing traffic from the IP addresses listed above
2. **Configure the appropriate ports** for your MCP server (typically HTTPS/443)
3. **Test the connection** after updating your firewall rules

### Example Firewall Rule

```bash theme={null}
# Allow HTTPS traffic from Barndoor IPs (example)
iptables -A INPUT -p tcp --dport 443 -s 34.121.81.24 -j ACCEPT

```

## Regional Availability

Currently, all IPs are hosted in the **United States**. As Barndoor expands to additional regions, we will:

* Add region-specific IPs to this documentation
* Maintain high availability with automatic failover within the dedicated IP pool

## IP Change Policy

## Troubleshooting

If you're experiencing connection issues after whitelisting:

1. **Verify the IP addresses** are correctly entered in your firewall rules
2. **Check that the correct ports** are open (typically 443 for HTTPS)
3. **Review firewall logs** to confirm traffic from Barndoor IPs is being allowed
4. **Contact support** if issues persist: [support@barndoor.ai](mailto:support@barndoor.ai)

## Frequently Asked Questions

<AccordionGroup>
  <Accordion title="Do I need to whitelist IPs for third-party MCP servers?">
    No. Third-party MCP servers (Slack, Notion, GitHub, etc.) do not route through Barndoor's dedicated IP pool. Only custom MCP servers hosted in your own infrastructure require whitelisting.
  </Accordion>

  <Accordion title="Are these IPs shared with other customers?">
    Yes. These IPs are used by all Barndoor customers for outbound MCP traffic. Traffic is still authenticated and encrypted using your unique MCP server credentials.
  </Accordion>

  <Accordion title="What happens if one of these IPs fails?">
    Barndoor maintains high availability. If an IP becomes unavailable, traffic automatically fails over to another IP within the dedicated pool. No action is required from you.
  </Accordion>

  <Accordion title="Can I restrict access to specific Barndoor users?">
    IP whitelisting allows traffic from the Barndoor platform but doesn't distinguish between individual users. For user-level access control, implement authentication at your MCP server level.
  </Accordion>
</AccordionGroup>

## Need Help?

If you have questions about IP whitelisting or need assistance configuring your firewall, reach out to our support team at [support@barndoor.ai](mailto:support@barndoor.ai).