If your organization uses a firewall, make sure to set it up so people in your organization can use the Gemini app. Firewall rules should connect to the supported hosts and routes in this article. Otherwise, people might be blocked from the Gemini app, or unable to use some Gemini features.
The hosts and routes in this article should be set to allowed in your firewall rules. They should be allowed even if you turn off the corresponding service in your Google Admin console. Gemini uses these hosts and routes to communicate with Google and Google Workspace services.
Keep in mind:
- Even if there's no current activity at these hosts, there might be future activity. IP addresses used by various domain names don't necessarily fall within any specific range.
- Techniques that Gemini uses to connect to Google servers depend on several factors, for example the browser you're using, and network performance.
- Other Google services can use the same IP addresses that Gemini uses.
Gemini hosts
- lh5.googleusercontent.com
- googleapis.com
- ssl.gstatic.com
- fonts.googleapis.com
- play.google.com
- ogs.google.com
- google.com
- apis.google.com
- jnn-pa.googleapis.com
- waa-pa.clients6.google.com
- i.ytimg.com
- yt3.ggpht.com
- lh3.googleusercontent.com
- maps.gstatic.com
- lh3.google.com
- ogads-pa.clients6.google.com
- csp.withgoogle.com
- googletagmanager.com
- youtube.com
- fonts.gstatic.com
- maps.googleapis.com
- static.doubleclick.net
- gstatic.com
- gemini.google.com
- td.doubleclick.net
- googleads.g.doubleclick.net
- google-analytics.com
- optimizationguide-pa.googleapis.com
- encrypted-tbn0.gstatic.com
- encrypted-tbn1.gstatic.com
- encrypted-tbn2.gstatic.com
- encrypted-tbn3.gstatic.com
- streetviewpixels-pa.googleapis.com
- content-autofill.googleapis.com
