Web Gateway Cloud Service IP addresses and ranges to allow in your firewall
Technical Articles ID:
KB87232
Last Modified: 10/18/2019
Rated:
Last Modified: 10/18/2019
Rated:
Environment
McAfee Web Gateway Cloud Service (formerly McAfee SaaS Web Protection 1.x)
Summary
Web Gateway Cloud Service uses the Global Routing Manager (GRM) Services for intelligent traffic routing, load sharing, and failover. GRM is a DNS infrastructure used to route traffic to the best available Point of Presence (PoP) that represents a geo-located entry point into the cloud. The specific details of the PoPs might change over time as locations expand or migrate. Also, load balancing, maintenance, or other factors might cause traffic to change from one PoP to another at any given time.
To allow for dynamic management of traffic and provide the highest level of service, we strongly recommend that you do the following:
- Allow all inbound IP addresses as indicated below.
- Use host names for proxy settings.
- Do not rely on static IP addresses.
NOTE: Customers with a centralized DNS infrastructure can specify the preference for a certain region or a country while using prefixes. For more information about regional prefix configuration and use, see KB87631.
Inbound IP address access list
The addition of more PoPs results in more IP addresses. If you restrict access in your firewalls, it is important that you add the new IP addresses to the access list. Adding the new IP addresses to the access list makes sure that access is not blocked when the new PoP goes live. To make sure that the endpoints can fully use the GRM for Web Gateway Cloud Service traffic routing to the best available POP, you must allow the inbound IP addresses. The inbound IP addresses are listed in the Inbound column of the table below.
The addition of more PoPs results in more IP addresses. If you restrict access in your firewalls, it is important that you add the new IP addresses to the access list. Adding the new IP addresses to the access list makes sure that access is not blocked when the new PoP goes live. To make sure that the endpoints can fully use the GRM for Web Gateway Cloud Service traffic routing to the best available POP, you must allow the inbound IP addresses. The inbound IP addresses are listed in the Inbound column of the table below.
IMPORTANT:
- If you restrict access in your firewalls, it is important that you allow all IP addresses from the list below. Allowing the IP addresses ensures that you are not blocking access or imposing restrictions on traffic to a specific region or location. This method allows for a smooth failover and better load-balancing of the cloud services.
- Using an IP address instead of a host name for the browser proxy settings is not supported. For Web Gateway Cloud Service to process user traffic, you must configure the browser proxy settings or MCP policy settings to use the GRM host name as a proxy:
Syntax: c<customer-ID>.saasprotection.com – Each customer uses their own customer ID.
Example: c12345678.saasprotection.com
Outbound IP address access list
For some business-to-business applications or for some destination services with source IP address restrictions, you might need to provide your business partner with IP addresses to allow connectivity. The IP addresses are listed below in the Outbound column.
NOTE: To simplify the administration effort, you can download a list with all IP addresses as a CSV and JSON file. This IP address list helps to filter by publish date or to create customized scripts that gather maintained allow lists on your security devices. To download the latest IP address list, use the direct link provided below, or go to http://trust.mcafee.com and navigate to Setup, IP-Addresses/Ranges. The http://trust.mcafee.com webpage also provides PoP status, recent incidents, and scheduled maintenance information for the Web Gateway Cloud Service.
- IP address list as CSV file: https://trust.mcafee.com/web/ip_addresses.csv
- IP address list as JSON file: https://trust.mcafee.com/web/ip_addresses.json
| Protocol | Ports | Purpose |
| TCP | 80, 443, 8080 | HTTP(S) proxy |
| 3128 | WDS Connector for SaaS web protection | |
| 8084 | SAML Authentication | |
| UDP | 500, 4500 | IPsec |
| ESP | IPsec |
NOTE: The dates in bold identify the most recent IP addresses to be updated. IP addresses and ranges with a Remove Date are no longer used in McAfee Web Gateway Cloud Service as of that date.
To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
To receive information about McAfee product updates, sign up for the Support Notification Service at https://sns.secure.mcafee.com/signup_login.
| Region | IP address/range | Inbound | Outbound | Publish Date | Remove Date |
|---|---|---|---|---|---|
| Africa | 129.232.225.234/32 | X | X | October 25, 2016 | March 28, 2019 |
| Africa | 129.232.226.2/32 | X | X | October 25, 2016 | March 28, 2019 |
| Africa | 185.125.224.0/22 | X | X | January 31, 2019 | |
| Americas | 185.221.68.0/22 | X | X | September 22, 2017 | |
| Americas | 185.212.104.0/22 | X | X | August 2, 2017 | |
| Americas | 161.69.22.122/32 | X | October 25, 2016 | ||
| Americas | 208.42.251.123/32 | X | October 25, 2016 | ||
| Americas | 108.60.148.187/32 | X | X | October 14, 2016 | July 18, 2017 |
| Americas | 162.250.3.37/32 | X | X | October 14, 2016 | |
| Americas | 108.60.136.186/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 108.60.136.187/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 108.60.148.186/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 108.60.150.130/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 108.60.150.131/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 161.69.14.137/32 | X | X | September 16, 2016 | |
| Americas | 161.69.14.139/32 | X | X | September 16, 2016 | |
| Americas | 162.250.3.36/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 184.75.215.242/32 | X | X | September 16, 2016 | |
| Americas | 184.75.215.98/32 | X | X | September 16, 2016 | |
| Americas | 208.65.150.192/32 | X | September 16, 2016 | ||
| Americas | 208.65.151.192/32 | X | September 16, 2016 | ||
| Americas | 54.207.98.206/32 | X | X | September 16, 2016 | November 30, 2018 |
| Americas | 54.94.201.194/32 | X | X | September 16, 2016 | November 30, 2018 |
| Americas | 74.91.14.2/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 74.91.14.3/32 | X | X | September 16, 2016 | July 18, 2017 |
| Americas | 161.69.112.0/20 | X | X | June 16, 2016 | |
| Americas | 185.125.224.0/22 | X | X | June 16, 2016 | |
| Americas | 52.2.191.60/32 | X | X | June 16, 2016 | |
| Americas | 52.201.117.185/32 | X | X | June 16, 2016 | |
| Americas | 52.201.118.139/32 | X | X | June 16, 2016 | |
| Americas | 52.201.126.139/32 | X | X | June 16, 2016 | |
| Americas | 52.38.180.253/32 | X | X | June 16, 2016 | |
| Americas | 52.38.193.184/32 | X | X | June 16, 2016 | |
| Americas | 52.38.57.115/32 | X | X | June 16, 2016 | |
| Americas | 52.8.124.42/32 | X | X | June 16, 2016 | |
| Americas | 52.86.6.124/32 | X | X | June 16, 2016 | |
| Americas | 52.9.157.23/32 | X | X | June 16, 2016 | |
| Americas | 52.9.171.209/32 | X | X | June 16, 2016 | |
| Americas | 54.233.172.148/32 | X | X | June 16, 2016 | |
| Americas | 54.233.176.255/32 | X | X | June 16, 2016 | |
| Americas | 54.233.186.156/32 | X | X | June 16, 2016 | |
| Americas | 54.94.215.173/32 | X | X | June 16, 2016 | |
| Americas | 54.94.230.23/32 | X | X | June 16, 2016 | |
| Americas | 35.182.104.170/32 | X | X | April 10, 2018 | |
| Americas | 35.182.106.121/32 | X | X | April 10, 2018 | |
| Americas | 52.60.169.78/32 | X | X | April 10, 2018 | |
| Americas | 52.60.235.62/32 | X | X | April 10, 2018 | |
| Americas | 52.60.52.119/32 | X | X | April 10, 2018 | |
| Asia/Pacific | 64.120.89.38/32 | X | X | October 30, 2019 | |
| Asia/Pacific | 64.120.88.65/32 | X | X | October 30, 2019 | |
| Asia/Pacific | 13.127.170.253 | X | X | June 30, 2019 | |
| Asia/Pacific | 35.154.207.237 | X | X | June 30, 2019 | |
| Asia/Pacific | 185.221.68.0/22 | X | X | September 22, 2017 | |
| Asia/Pacific | 185.212.104.0/22 | X | X | August 2, 2017 | |
| Asia/Pacific | 124.47.168.139/32 | X | October 25, 2016 | April 10, 2018 | |
| Asia/Pacific | 161.69.192.123/32 | X | October 25, 2016 | ||
| Asia/Pacific | 161.69.206.27/32 | X | October 25, 2016 | April 10, 2018 | |
| Asia/Pacific | 203.97.87.59/32 | X | October 25, 2016 | July 18, 2017 | |
| Asia/Pacific | 103.231.89.18/32 | X | X | October 7, 2016 | April 10, 2018 |
| Asia/Pacific | 103.231.89.22/32 | X | X | October 7, 2016 | April 10, 2018 |
| Asia/Pacific | 120.138.17.53/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 120.138.17.54/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 208.81.65.192/32 | X | September 16, 2016 | ||
| Asia/Pacific | 208.81.66.192/32 | X | September 16, 2016 | ||
| Asia/Pacific | 208.81.67.192/32 | X | September 16, 2016 | July 18, 2017 | |
| Asia/Pacific | 208.81.69.192/32 | X | September 16, 2016 | April 10, 2018 | |
| Asia/Pacific | 43.240.64.104/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 43.240.64.105/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 43.249.37.35/32 | X | X | September 16, 2016 | December 09, 2019 |
| Asia/Pacific | 43.249.37.38/32 | X | X | September 16, 2016 | December 09, 2019 |
| Asia/Pacific | 49.50.81.12/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 49.50.81.17/32 | X | X | September 16, 2016 | |
| Asia/Pacific | 161.69.240.0/20 | X | X | June 16, 2016 | |
| Asia/Pacific | 185.125.224.0/22 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.196.141.193/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.62.9.167/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.62.96.66/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.63.18.189/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.68.234.173/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.69.46.184/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.74.5.157/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.77.108.133/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.79.175.47/32 | X | X | June 16, 2016 | |
| Asia/Pacific | 52.79.50.71/32 | X | X | June 16, 2016 | |
| Europe | 35.178.126.236 | X | X | June 30, 2019 | |
| Europe | 35.178.227.224 | X | X | June 30, 2019 | |
| Europe | 35.181.21.17 | X | X | June 30, 2019 | |
| Europe | 52.47.81.75 | X | X | June 30, 2019 | |
| Europe | 185.221.68.0/22 | X | X | September 22, 2017 | |
| Europe | 185.212.104.0/22 | X | X | August 2, 2017 | |
| Europe | 193.128.33.248/32 | X | October 25, 2016 | April 10, 2018 | |
| Europe | 208.81.64.248/32 | X | October 25, 2016 | April 10, 2018 | |
| Europe | 208.81.64.192/32 | X | September 16, 2016 | April 10, 2018 | |
| Europe | 208.81.68.192/32 | X | September 16, 2016 | April 10, 2018 | |
| Europe | 213.239.220.71/32 | X | X | September 16, 2016 | |
| Europe | 213.239.220.72/32 | X | X | September 16, 2016 | |
| Europe | 78.46.116.105/32 | X | X | September 16, 2016 | |
| Europe | 161.69.176.0/20 | X | X | June 16, 2016 | |
| Europe | 185.125.224.0/22 | X | X | June 16, 2016 | |
| Europe | 52.50.161.113/32 | X | X | June 16, 2016 | |
| Europe | 52.50.234.32/32 | X | X | June 16, 2016 | |
| Europe | 52.58.111.233/32 | X | X | June 16, 2016 | |
| Europe | 52.58.116.88/32 | X | X | June 16, 2016 | |
| Europe | 52.58.127.186/32 | X | X | June 16, 2016 | |
| Middle East | 185.37.148.186/32 | X | X | October 7, 2016 | April 10, 2018 |
| Middle East | 185.37.148.187/32 | X | X | October 7, 2016 | April 10, 2018 |
