Feb 102014
 

like many others behind corporate/personal firewalls, i have struggled to get the spotify web player (http://play.spotify.com) working reliably. after working with a network admin at work, we have finally gotten it resolved.

Sorry but it seems that we cannot stream music to you at this time. This is probably because of restrictions placed on your network, but we are working on ways to get around this

the spotify faq tells you to open tcp/4070 to 78.31.8.0/21 – and nothing else. this is not quite complete – apparently the web player also requires a connection to a macromedia-fcs server, which they appear to run out of amazon cloudfront. i found cloudfront’s public ip list , and added access to tcp/1935 on all ranges. the final list looked like:

source any any dest 54.192.0.0/16 tcp/1935
source any any dest 54.230.0.0/16 tcp/1935
source any any dest 54.239.128.0/18 tcp/1935
source any any dest 54.239.192.0/19 tcp/1935
source any any dest 54.240.128.0/18 tcp/1935
source any any dest 204.246.164.0/22 tcp/1935
source any any dest 204.246.168.0/22 tcp/1935
source any any dest 204.246.174.0/23 tcp/1935
source any any dest 204.246.176.0/20 tcp/1935
source any any dest 205.251.192.0/19 tcp/1935
source any any dest 205.251.249.0/24 tcp/1935
source any any dest 205.251.250.0/23 tcp/1935
source any any dest 205.251.252.0/23 tcp/1935
source any any dest 205.251.254.0/24 tcp/1935
source any any dest 216.137.32.0/19 tcp/1935
source any any dest 78.31.8.0/21 tcp/4070
source any any dest 193.182.8.0/21 tcp/4070

hope this helps someone else!