Support Enterprise Administration Network Allowlist Network Allowlist If your organisation uses a corporate firewall, proxy, or web filter, the following domains and ports must be allowlisted for SecDim to function correctly. Required Domains Domain Port(s) Purpose id.secdim.com 443 (HTTPS) Authentication, account management, SSO play.secdim.com 443 (HTTPS, WebSocket) SecDim Play — challenges, games, leaderboards learn.secdim.com 443 (HTTPS) SecDim Learn — courses and learning content game.secdim.com 22 (SSH) Git access for cloning challenge repositories locally lab.secdim.com 443 (HTTPS) Git access for cloning SecDim Learn Labs locally discuss.secdim.com 443 (HTTPS) SecDim Discuss — support forum and discussion boards *.secdim.net 443 (HTTPS, WebSocket) Cloud Development Environment (CDE) Attack and Defence Challenges If your team participates in attack and defence wargames, the following additional domain pattern must be allowlisted: Domain Port(s) Purpose *-xdrmsxuwlq-uc.a.run.app 443 (HTTPS) Deployed applications during attack and defence challenges WebSocket Requirements The following services require WebSocket connections in addition to standard HTTPS: play.secdim.com — real-time challenge updates *.secdim.net — CDE (Cloud Development Environment) Ensure your proxy or firewall does not strip or block WebSocket upgrade headers on these domains. Proxy Configuration If your organisation routes traffic through an HTTP proxy: Ensure the proxy supports WebSocket connections (HTTP/1.1 upgrade or HTTP/2) Ensure the proxy does not perform TLS inspection on the domains listed above, as this may interfere with WebSocket connections and SSH access If using an allowlist-based proxy, add all domains listed on this page Testing Connectivity To verify that your network can reach SecDim: Open https://id.secdim.com in a browser and confirm the login page loads Open https://play.secdim.com and start any challenge Click Open in CDE and confirm the VS Code environment loads If using SSH locally, run: ssh -T [email protected]