Firewall information port´s and IP´s
- CrossALM
- Andre Voss
Problem
Your network team asks for IPs and protocols and source and destination URLs
Solution
You need the URL/IP from your SAP system and you need the URL/ip from your Jira Atlassian cloud.
Please make sure that the IP address assigned to this URL Example: [yourname].atlassian.net has access to Solution Manager.
Provide your network team with the following IP addresses that require access to the Solution Manager system.
ip-ranges.atlassian.com
IP addresses and domains for Atlassian cloud products | Atlassian SupportThe network team can now use the information provided to create firewall routing rules to allow Atlassian Cloud products (cc4 and cc5) to communicate with your SAP system.
Please complete the following list with the list from ip-ranges.atlassian.com
config firewall address
edit "ap-southeast-2-3.26.128.128"
set subnet 3.26.128.128/26
next
edit "eu-central-1-3.69.198.0"
set subnet 3.69.198.0/26
next
edit "us-west-1-3.101.177.128"
set subnet 3.101.177.128/26
next
edit "eu-west-1-3.251.213.64"
set subnet 3.251.213.64/26
next
edit "us-west-1-13.52.5.0"
set subnet 13.52.5.0/25
next
edit "us-west-1-13.52.5.96"
set subnet 13.52.5.96/28
next
edit "ap-south-1-13.200.41.128"
set subnet 13.200.41.128/25
next
edit "ap-south-1-13.200.41.224"
set subnet 13.200.41.224/28
next
edit "ap-southeast-1-13.214.1.0"
set subnet 13.214.1.0/26
next
edit "ap-southeast-2-13.236.8.128"
set subnet 13.236.8.128/25
next
edit "ap-southeast-2-13.236.8.224"
set subnet 13.236.8.224/28
next
edit "sa-east-1-15.229.145.128"
set subnet 15.229.145.128/25
next
edit "sa-east-1-15.229.145.224"
set subnet 15.229.145.224/28
next
edit "eu-central-2-16.63.53.128"
set subnet 16.63.53.128/25
next
edit "eu-central-2-16.63.53.224"
set subnet 16.63.53.224/28
next
edit "ap-southeast-1-18.136.214.0"
set subnet 18.136.214.0/25
next
edit "ap-southeast-1-18.136.214.96"
set subnet 18.136.214.96/28
next
edit "eu-central-1-18.184.99.128"
set subnet 18.184.99.128/25
next
edit "eu-central-1-18.184.99.224"
set subnet 18.184.99.224/28
next
edit "us-east-1-18.205.93.0"
set subnet 18.205.93.0/27
next
edit "us-east-1-18.234.32.128"
set subnet 18.234.32.128/25
next
edit "us-east-1-18.234.32.224"
set subnet 18.234.32.224/28
next
edit "us-west-2-18.246.31.128"
set subnet 18.246.31.128/25
next
edit "us-west-2-18.246.31.224"
set subnet 18.246.31.224/28
next
edit "us-west-2-18.246.188.0"
set subnet 18.246.188.0/25
next
edit "us-west-2-18.246.188.32"
set subnet 18.246.188.32/28
next
edit "us-west-2-34.218.156.209"
set subnet 34.218.156.209/32
next
edit "us-west-2-34.218.168.212"
set subnet 34.218.168.212/32
next
edit "us-west-2-35.84.197.128"
set subnet 35.84.197.128/26
next
edit "ap-northeast-2-43.202.69.0"
set subnet 43.202.69.0/25
next
edit "ap-northeast-2-43.202.69.96"
set subnet 43.202.69.96/28
next
edit "us-east-1-44.197.146.192"
set subnet 44.197.146.192/26
next
edit "us-east-1-44.220.40.128"
set subnet 44.220.40.128/25
next
edit "us-east-1-44.220.40.160"
set subnet 44.220.40.160/28
next
edit "us-west-2-52.41.219.63"
set subnet 52.41.219.63/32
next
edit "eu-west-1-52.215.192.128"
set subnet 52.215.192.128/25
next
edit "eu-west-1-52.215.192.224"
set subnet 52.215.192.224/28
next
edit "global-104.192.136.0"
set subnet 104.192.136.0/21
next
edit "ca-central-1-104.192.136.0"
set subnet 104.192.136.0/24
next
edit "ca-central-1-104.192.136.240"
set subnet 104.192.136.240/28
next
edit "ap-southeast-1-104.192.137.0"
set subnet 104.192.137.0/24
next
edit "ap-southeast-1-104.192.137.240"
set subnet 104.192.137.240/28
next
edit "us-west-1-104.192.138.0"
set subnet 104.192.138.0/24
next
edit "us-west-1-104.192.138.240"
set subnet 104.192.138.240/28
next
edit "us-west-2-104.192.140.0"
set subnet 104.192.140.0/24
next
edit "us-west-2-104.192.140.240"
set subnet 104.192.140.240/28
next
edit "us-east-1-104.192.142.0"
set subnet 104.192.142.0/24
next
edit "us-east-1-104.192.142.240"
set subnet 104.192.142.240/28
next
edit "ap-northeast-2-104.192.143.0"
set subnet 104.192.143.0/24
next
edit "ap-southeast-2-104.192.143.240"
set subnet 104.192.143.240/28
next
edit "eu-west-1"
set subnet 185.166.140.0/22
next
edit "ap-northeast-1-185.166.140.0"
set subnet 185.166.140.0/24
next
edit "ap-northeast-1-185.166.140.112"
set subnet 185.166.140.112/28
next
edit "eu-west-2-185.166.141.0"
set subnet 185.166.141.0/24
next
edit "eu-west-2-185.166.141.112"
set subnet 185.166.141.112/28
next
edit "eu-west-1-185.166.142.0"
set subnet 185.166.142.0/24
next
edit "eu-west-1-185.166.142.240"
set subnet 185.166.142.240/28
next
end
Performance impact of TLS Interception/Inspection Proxies and Firewalls
In accordance with your security policies, strongly consider excluding the Atlassian first-party domains from TLS interception/inspection to ensure a performant experience.
Atlassian products heavily depend on features of the HTTP/2 protocol, particularly support for simultaneous transactions.
TLS interception/inspection proxies and firewalls often cause HTTP/2 to HTTP/1.1 protocol downgrades. Downgrades to HTTP/1.1 significantly degrade the performance of modern web applications by causing transactions to become serialised. Page load and experience wait times can incur noticeable delays as a result..