Skip to main content

Connecting to a private network

You can connect GitHub Codespaces to resources on a private network, including package registries, license servers, and on-premises databases.

GitHub Codespaces is available for organizations using GitHub Team or GitHub Enterprise Cloud. For more information, see "GitHub's products."

About codespace networking

By default, your codespaces have access to all resources on the public internet, including package managers, license servers, databases, and cloud platform APIs, but they have no access to resources on private networks.

Connecting to resources on a private network

The currently supported method of accessing resources on a private network is to use a VPN. It is currently not recommended to allowlist codespaces IPs as this would allow all codespaces (both yours and those of other customers) access to the network protected resources.

Using a VPN to access resources behind a private network

The easiest way to access resources behind a private network is to VPN into that network from within your codespace.

We recommend VPN tools like OpenVPN to access resources on a private network. For more information, see "Using the OpenVPN client from GitHub Codespaces."

There are also a number of third party solutions that, while not explicitly endorsed by GitHub, have provided examples of how to integrate with Codespaces.

These third party solutions include:

Allowlisting private resources for codespaces

While GitHub publishes IP ranges for several products on its Meta API, codespaces IPs are dynamically assigned, meaning your codespace is not guaranteed to have the same IP address day to day. We highly discourage users from allowlisting an entire IP range, as this would give overly broad access to all codespaces (including users not affiliated with your codespaces).

For more information about the Meta API, see "Meta."

Restricting access to the public internet

At present, there is no way to restrict codespaces from accessing the public internet, or to restrict appropriately authenticated users from accessing a forwarded port.

For more information on how to secure your codespaces, see "Security in GitHub Codespaces."