This article will provide basic instruction on what to configure for CL Connect's firewall rules.


In order for the API service to securely communicate with the newly created, public-facing instance of CL Connect, the server's firewall must be configured for this. The IP addresses listed below need to be whitelisted with the ports that are being used for the CL Connect communication. 

 

It is Highly Recommended that the server's firewall rules are set to block all inbound public traffic and whitelist only the given Inbound IP addresses provided below to minimize the public exposure of CL Connect for the highest level of security.

 

NOTE: Port 443 is the default for https but if other ports are being used for additional instances of CL Connect, please make those adjustments to the firewall rules.

 

  

Production

Direction

Action

IP(s)

Port(s)

Inbound

Permit

  • 23.99.3.236
  • 23.99.4.206
  • 23.99.7.131
  • 23.99.7.165
  • 23.99.91.55
  • 40.112.243.24
  • 104.209.34.227
  • 138.91.242.26
  • 191.236.119.221



443

Outbound

Permit

  • 23.99.3.236
  • 23.99.4.206
  • 23.99.7.131
  • 23.99.7.165
  • 23.99.91.55
  • 40.112.243.24
  • 104.209.34.227
  • 138.91.242.26
  • 191.236.119.221


443



Sandbox

Direction

Action

IP(s)

Port(s)

Inbound

Permit

  • 40.83.179.31
  • 40.83.181.84
  • 40.83.183.1
  • 40.83.183.190
  • 40.83.183.236
  • 137.135.49.41
  • 138.91.226.83
  • 191.236.119.221



443





Outbound

Permit

  • 40.83.179.31
  • 40.83.181.84
  • 40.83.183.1
  • 40.83.183.190
  • 40.83.183.236
  • 137.135.49.41
  • 138.91.226.83
  • 191.236.119.221



443






 

 

Next Steps: Continue to Configure CL Connect for Incoming Communication.