Loading...

Knowledge Center


Web Gateway Cloud Service IP addresses and ranges to whitelist in your firewall
Technical Articles ID:   KB87232
Last Modified:  1/16/2019
Rated:


Environment

McAfee Web Gateway Cloud Service (formerly McAfee SaaS Web Protection 1.x)

Summary

Web Gateway Cloud Service uses the Global Routing Manager (GRM) Services for intelligent traffic routing, load sharing, and failover. GRM is a DNS infrastructure used to route traffic to the best available Point of Presence (PoP) that represents a geo-located entry point into the cloud. The specific details of the PoPs might change over time as locations expand or migrate. Also, load balancing, maintenance, or other factors might cause traffic to change from one PoP to another at any given time.

To allow for dynamic management of traffic and provide the highest level of service, we strongly recommend that you do the following:
  • Whitelist all inbound IP addresses as indicated below.
  • Use host names for proxy settings.
  • Do not rely on static IP addresses.

NOTE: Customers with a centralized DNS infrastructure can specify the preference for a certain region or a country while using prefixes. For more information about regional prefix configuration and usage, see KB87631.

Inbound IP address whitelisting
The addition of more PoPs results in more IP addresses. If you restrict access in your firewalls, it is important that you add the new IP addresses to the access list. Adding the new IP addresses to the access list ensures that access is not blocked when the new PoP goes live. To ensure that the endpoints can fully use the GRM for Web Gateway Cloud Service traffic routing to the best available POP, you must whitelist the inbound IP addresses. The inbound IP addresses are listed in the Inbound column of the table below.

IMPORTANT:
  • If you restrict access in your firewalls, it is important that you whitelist all IP addresses from the list below. Whitelisting the IP addresses ensures that you are not blocking access or imposing restrictions on traffic to a specific region or location. This method allows for a smooth failover and better load-balancing of the cloud services.
  • Using an IP address instead of a host name for the browser proxy settings is not supported. For Web Gateway Cloud Service to process user traffic, you must configure the browser proxy settings or MCP policy settings to use the GRM host name as a proxy:

    Syntax: c<customer-ID>.saasprotection.com – Each customer uses their own customer ID.

    Example: c12345678.saasprotection.com
 
Outbound IP address whitelisting
For some business-to-business applications or for some destination services with source IP address restrictions, you might need to provide your business partner with IP addresses to allow connectivity. The IP addresses are listed below in the Outbound column.

NOTE: To simplify the administration effort, you can download a list with all IP addresses as a CSV and JSON file. This IP address list helps to filter by publish date or to create customized scripts that gather maintained whitelists on your security devices. To download the latest IP address list, use the direct link provided below, or go to http://trust.mcafee.com and navigate to Setup, IP-Addresses/Ranges. The http://trust.mcafee.com webpage also provides PoP status, recent incidents, and scheduled maintenance information for the Web Gateway Cloud Service.
  The following table includes all available IP addresses and ranges for PoP.  
The following ports and protocols are used by the Web Gateway Cloud Service; allow these ports on the firewall as required.
 
Protocol Ports Purpose
 TCP   80, 443, 8080  HTTP(S) proxy
   3128  WDS Connector for SaaS web protection 
   8084  SAML Authentication
UDP  500, 4500  IPsec
ESP    IPsec
 

NOTE: The dates in bold identify the most recent IP addresses to be updated. IP addresses and ranges with a Remove Date are no longer used in McAfee Web Gateway Cloud Service as of that date.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

To receive information about McAfee product updates, sign up for the Support Notification Service at https://sns.secure.mcafee.com/signup_login.

 
Region IP address/range Inbound   Outbound  Publish Date  Remove Date
Africa 129.232.225.234/32    X X October 25, 2016 March 28, 2019
Africa 129.232.226.2/32 X X October 25, 2016 March 28, 2019
Africa 185.125.224.0/22 X X January 31, 2019  
Americas 185.221.68.0/22 X X September 22, 2017  
Americas 185.212.104.0/22 X X August 2, 2017  
Americas 161.69.22.122/32   X October 25, 2016  
Americas 208.42.251.123/32   X October 25, 2016  
Americas 108.60.148.187/32 X X October 14, 2016 July 18, 2017
Americas 162.250.3.37/32 X X October 14, 2016  
Americas 108.60.136.186/32 X X September 16, 2016 July 18, 2017
Americas 108.60.136.187/32 X X September 16, 2016 July 18, 2017
Americas 108.60.148.186/32 X X September 16, 2016 July 18, 2017
Americas 108.60.150.130/32 X X September 16, 2016 July 18, 2017
Americas 108.60.150.131/32 X X September 16, 2016 July 18, 2017
Americas 161.69.14.137/32 X X September 16, 2016  
Americas 161.69.14.139/32 X X September 16, 2016  
Americas 162.250.3.36/32 X X September 16, 2016 July 18, 2017
Americas 184.75.215.242/32 X X September 16, 2016  
Americas 184.75.215.98/32 X X September 16, 2016  
Americas 208.65.150.192/32 X   September 16, 2016  
Americas 208.65.151.192/32 X   September 16, 2016  
Americas 54.207.98.206/32 X X September 16, 2016 November 30, 2018
Americas 54.94.201.194/32 X X September 16, 2016 November 30, 2018
Americas 74.91.14.2/32 X X September 16, 2016 July 18, 2017
Americas 74.91.14.3/32 X X September 16, 2016 July 18, 2017
Americas 161.69.112.0/20 X X June 16, 2016  
Americas 185.125.224.0/22 X X June 16, 2016  
Americas 52.2.191.60/32 X X June 16, 2016  
Americas 52.201.117.185/32 X X June 16, 2016  
Americas 52.201.118.139/32 X X June 16, 2016  
Americas 52.201.126.139/32 X X June 16, 2016  
Americas 52.38.180.253/32 X X June 16, 2016  
Americas 52.38.193.184/32 X X June 16, 2016  
Americas 52.38.57.115/32 X X June 16, 2016  
Americas 52.8.124.42/32 X X June 16, 2016  
Americas 52.86.6.124/32 X X June 16, 2016  
Americas 52.9.157.23/32 X X June 16, 2016  
Americas 52.9.171.209/32 X X June 16, 2016  
Americas 54.233.172.148/32 X X June 16, 2016  
Americas 54.233.176.255/32 X X June 16, 2016  
Americas 54.233.186.156/32 X X June 16, 2016  
Americas 54.94.215.173/32 X X June 16, 2016  
Americas 54.94.230.23/32 X X June 16, 2016  
Americas 35.182.104.170/32 X X April 10, 2018  
Americas 35.182.106.121/32 X X April 10, 2018  
Americas 52.60.169.78/32 X X April 10, 2018  
Americas 52.60.235.62/32 X X April 10, 2018  
Americas 52.60.52.119/32 X X April 10, 2018  
Asia/Pacific    185.221.68.0/22 X X September 22, 2017  
Asia/Pacific    185.212.104.0/22 X X August 2, 2017  
Asia/Pacific    124.47.168.139/32   X October 25, 2016 April 10, 2018
Asia/Pacific 161.69.192.123/32   X October 25, 2016  
Asia/Pacific 161.69.206.27/32   X October 25, 2016 April 10, 2018
Asia/Pacific 203.97.87.59/32   X October 25, 2016 July 18, 2017
Asia/Pacific 103.231.89.18/32 X X October 7, 2016 April 10, 2018
Asia/Pacific 103.231.89.22/32 X X October 7, 2016 April 10, 2018
Asia/Pacific 120.138.17.53/32 X X September 16, 2016  
Asia/Pacific 120.138.17.54/32 X X September 16, 2016  
Asia/Pacific 208.81.65.192/32 X   September 16, 2016  
Asia/Pacific 208.81.66.192/32 X   September 16, 2016  
Asia/Pacific 208.81.67.192/32 X   September 16, 2016 July 18, 2017
Asia/Pacific 208.81.69.192/32 X   September 16, 2016 April 10, 2018
Asia/Pacific 43.240.64.104/32 X X September 16, 2016  
Asia/Pacific 43.240.64.105/32 X X September 16, 2016  
Asia/Pacific 43.249.37.35/32 X X September 16, 2016  
Asia/Pacific 43.249.37.38/32 X X September 16, 2016  
Asia/Pacific 49.50.81.12/32 X X September 16, 2016  
Asia/Pacific 49.50.81.17/32 X X September 16, 2016  
Asia/Pacific 161.69.240.0/20 X X June 16, 2016  
Asia/Pacific 185.125.224.0/22 X X June 16, 2016  
Asia/Pacific 52.196.141.193/32 X X June 16, 2016  
Asia/Pacific 52.62.9.167/32 X X June 16, 2016  
Asia/Pacific 52.62.96.66/32 X X June 16, 2016  
Asia/Pacific 52.63.18.189/32 X X June 16, 2016  
Asia/Pacific 52.68.234.173/32 X X June 16, 2016  
Asia/Pacific 52.69.46.184/32 X X June 16, 2016  
Asia/Pacific 52.74.5.157/32 X X June 16, 2016  
Asia/Pacific 52.77.108.133/32 X X June 16, 2016  
Asia/Pacific 52.79.175.47/32 X X June 16, 2016  
Asia/Pacific 52.79.50.71/32 X X June 16, 2016  
Europe 185.221.68.0/22 X X September 22, 2017  
Europe 185.212.104.0/22 X X August 2, 2017  
Europe 193.128.33.248/32   X October 25, 2016 April 10, 2018
Europe 208.81.64.248/32   X October 25, 2016 April 10, 2018
Europe 208.81.64.192/32 X   September 16, 2016 April 10, 2018
Europe 208.81.68.192/32 X   September 16, 2016 April 10, 2018
Europe 213.239.220.71/32 X X September 16, 2016  
Europe 213.239.220.72/32 X X September 16, 2016  
Europe 78.46.116.105/32 X X September 16, 2016  
Europe 161.69.176.0/20 X X June 16, 2016  
Europe 185.125.224.0/22 X X June 16, 2016  
Europe 52.50.161.113/32 X X June 16, 2016  
Europe 52.50.234.32/32 X X June 16, 2016  
Europe 52.58.111.233/32 X X June 16, 2016  
Europe 52.58.116.88/32 X X June 16, 2016  
Europe 52.58.127.186/32 X X June 16, 2016  
Middle East 185.37.148.186/32 X X October 7, 2016 April 10, 2018
Middle East 185.37.148.187/32 X X October 7, 2016 April 10, 2018

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.