

Your VPN enables a secure connection between your computer and resources on your Relativity instance's network. The following resources are available when you connect to the GlobalProtect VPN client:
For Sandbox environments, you can access the following back end resources via the VPN:
Consider the following local machine requirements:
Note: Without local administrator, or the ability to install via group policy, you will be unable to install the GlobalProtect client.
The following ports must be opened on user machines and/or firewalls for the
Destination Port | Protocol | Description |
---|---|---|
443 | TCP | Used for communication between GlobalProtect agents and portals, or GlobalProtect agents and gateways and for SSL tunnel connections. GlobalProtect gateways also use this port to collect host information from GlobalProtect agents and perform host information profile (HIP) checks. |
4501 | UDP | Used for Global Protect VPN or IPSec tunnel connections between GlobalProtect agents and gateways. |
There are different geographic data centers that your Relativity instance or sandbox may reside in. Enter the VPN portal URL as it appears below.
Note: Microsoft has renamed Azure Active Directory (Azure AD) to Microsoft Entra ID. This site has been updated to reflect the name change, where applicable. Refer to Microsoft documentation for more information.
The IP addresses listed below are for both VPN and regular, non-VPN, access.
All VPN portal URL are formatted as vpn.[regional domain].relativity.one
Note: VPN portal URL are only accessed when connecting to your Utility Server or Direct SQL via the VPN.
Primary Azure data center IP address ranges for VPN portal URL:
Primary Azure/Entra ID region | Primary IP Range | VPN Portal URL |
---|---|---|
US-Central (CTUS) | 52.189.66.32/27 | vpn.ctus.relativity.one |
US-East (ESUS) | 40.88.50.160/27 | vpn.esus.relativity.one |
Canada-Central (CACT) | 52.228.98.0/27 | vpn.cact.relativity.one |
UK-South (UKSO) | 51.145.60.64/27 | vpn.ukso.relativity.one |
Asia-East (ESAS) | 52.184.89.64/27 | vpn.esas.relativity.one |
Brazil-South (BRSO) | 191.233.244.160/27 | vpn.brso.relativity.one |
Europe-West (WSEU) | 51.105.222.96/27 | vpn.wseu.relativity.one |
France - Central (FRCT) | 20.199.57.128/27 | vpn.frct.relativity.one |
Germany-West Central (DECT) | 51.116.134.160/27 | vpn.dect.relativity.one |
Switzerland North (CHNO) | 51.107.46.128/27 | vpn.chno.relativity.one |
Australia-East (AUEA) | 20.40.190.160/27 | vpn.auea.relativity.one |
Korea-Central (KRCT) | 20.194.51.192/27 | vpn.krct.relativity.one |
United Arab Emirates (AENO) | 20.203.41.32/27 | vpn.aeno.relativity.one |
India (INCT) | 20.204.36.0/27 | vpn.inct.relativity.one |
Ireland (NOEU) | 20.93.29.128/27 | vpn.noeu.relativity.one |
South Africa (ZANO) | 20.87.64.160/27 | vpn.zano.relativity.one |
Southeast Asia (SEAS) | 52.230.48.0/27 | vpn.seas.relativity.one |
Japan (JPES) | 20.78.107.96/27 | vpn.jpes.relativity.one |
Legacy Sandboxes | ** | vpn.ctussbx.relativity.one |
** For Sandboxes, use the FQDN listed in the next table
Note: You must have local admin rights to install the VPN client. If you are not a local admin, contact your IT department to install it via Group Policy. Instructions for installing the client via Group Policy are found at https://live.paloaltonetworks.com/t5/Management-Articles/Using-Active-Directory-GPO-to-Install-the-GlobalProtect-Client/ta-p/61120.
Your VPN connection is typically created during the onboarding process for RelativityOne. If you have questions, please contact your designated Customer Success Manager.
Note: To download and re-install the VPN client, follow the following instructions, but skip the steps related to resetting your password.
Note: If you are using macOS and are unable to use GlobalProtect after installing, review the General tab in your Security and Privacy settings and ensure that system software from PanGPS is not blocked from loading.
You can click the gear icon, then select Settings to launch the Settings dialog which also shows your connection status. You can perform troubleshooting from this window.
If you are using VPN user credentials that are based on a real email address, not the firstname.last@vpn.relativity.one legacy VPN credentials, the password reset policies are determined either by you or the overall corporation in which your email exists. Please make sure to check with your IT department on how to change your password as Relativity will no longer have any control over performing a password reset for your VPN user.
To change your expiring or expired passwords, perform the following steps:
Note: If you are already logged into Microsoft at your organization, you may need to open a private browsing window in your internet browser, incognito or InPrivate, and access https://login.microsoftonline.com from there or log out and log back in with the correct credentials. If you do not do this, you will not be prompted to change your temporary password or may receive an error when you try to log out and then log back in.
Note: After changing your password, you must wait 30 minutes before attempting to log in with your new password.
This guide will show you how to connect to RelativityOne in an additional region. If you need Utility Server details, please contact your Customer Success Manager.
To add an additional VPN region to your client:
On this page
Why was this not helpful?
Check one that applies.
Thank you for your feedback.
Want to tell us more?
Great!