Posted on 01-24-2023 09:48 AM
As a follow-up to a recent post regarding some additional IP address that have been included in the Outbound traffic from Jamf Cloud, below is a list of the Outbound IP Address that have been added. For a complete list, please see the “Permitting Inbound/Outbound Traffic with Jamf Cloud” document located here:
Permitting Inbound/Outbound Traffic with Jamf Cloud - Technical Articles | Jamf
Regions |
IP Addresses |
U.S. (All Regions) |
|
eu-central-1 |
|
eu-west-2 |
|
ap-southeast-2 |
|
ap-northeast-1 |
|
Posted on 01-27-2023 10:40 AM
Why were the specific US regions removed from https://docs.jamf.com/technical-articles/Permitting_InboundOutbound_Traffic_with_Jamf_Cloud.html? Now only U.S. (All Regions) is available. The page used to have IP's for each US region (e.g.: us-west-2).
Posted on 01-27-2023 01:00 PM
Thanks for your inquiry. The IP addresses have been consolidated in one U.S. region to ensure all our clients are covered should their instance ever get moved to another region. While this is rare, we’ve had some situations where clients have requested their instance be moved to another region but subsequently didn’t update their IP addresses which resulted in some issues. Additionally, in some rare situations we’ve had to fail over client instances to another region, again causing some IP challenges. In light of this, we have consolidated the IP addresses to U.S. (All Regions) to help mitigate some edge cases that occasionally arise.
Posted on 02-02-2023 06:29 AM
so you consolidated to a single list to accommodate a minority when the majority just need a smaller list for there instance....
Posted on 02-06-2023 11:17 AM
Would this cause issues with Jamf Cloud distribution point? All of our packages are missing as of last week. When we run a test for the Distribution Point, get an error "Error sending message: Cannot contact CCM Server"
Posted on 02-08-2023 09:23 AM
Apologies for the delay in response. This should be unrelated however can you please submit a support ticket here and a support technician should be able to help research further. Thank you
Posted on 04-22-2023 05:58 PM
Could Jamf explore the option of creating a publicly available External Dynamic List (EDL) of Jamf Cloud Outbound IP addresses. This way, NGFWs can automatically ingest this list and maintain an up to date allow list without interaction. This reduces downtime if Jamf were to add/remove IP addresses.
This also helps customers not have to create 50+ Jamf Cloud IP objects on our firewall.
Jamf Cloud EDL Examples (not real):
Real hosted EDL for Amazon (US ALL): https://saasedl.paloaltonetworks.com/feeds/aws/us/any/ipv4
Creating your own EDL:
Signing up for Palo Alto Hosted EDL
https://docs.paloaltonetworks.com/resources/edl-hosting-service
Thank you.
Posted on 07-23-2024 12:51 PM
YES this is exactly what I need, or please publish the IPs in JSON format so I can write automation to pull IPs and create my own EDL. similar to what github does here https://api.github.com/meta