Allow Resource Connector Traffic to Secure Access
Your firewall must allow your resource connectors to reach the destinations that are listed on this page.
All connections are outbound from your network.
Region-Specific Destinations
Allow traffic to the applicable regional destination FQDNs or addresses, on these ports and protocols:
- UDP/443 (DTLS)
- TCP/443 (TLS)
| Continent | Region | FQDN | Resolves To |
|---|---|---|---|
| Asia | |||
| Asia Pacific (Hong Kong) | prod.ape1.acgw.sse.cisco.com | 151.186.169.0/24 | |
| Asia Pacific (Jakarta) | prod.apse3.acgw.sse.cisco.com | 151.186.205.0/24 | |
| Asia Pacific (Osaka) | prod.apne3.acgw.sse.cisco.com | 151.186.170.0/24 | |
| Asia Pacific (Singapore) | prod.apse2.acgw.sse.cisco.com | 151.186.195.0/24 | |
| Asia Pacific (Tokyo) | prod.apne1.acgw.sse.cisco.com | 151.186.193.0/24 | |
| India (South) | prod.aps2.acgw.sse.cisco.com | 151.186.166.0/24 | |
| India (West) | prod.apse1.acgw.sse.cisco.com | 151.186.194.0/24 | |
| Israel (Tel Aviv) | prod.ilc1.acgw.sse.cisco.com | 151.186.203.0/24 | |
| Middle East (UAE) | prod.mec1.acgw.sse.cisco.com | 151.186.171.0/24 | |
| Australia | |||
| Sydney | prod.aps1.acgw.sse.cisco.com | 151.186.196.0/24 | |
| Europe | |||
| Germany | prod.euc1.acgw.sse.cisco.com | 151.186.197.0/24 | |
| Stockholm | prod.eun1.acgw.sse.cisco.com | 151.186.162.0/24 | |
| Switzerland (Zurich) | prod.euc2.acgw.sse.cisco.com | 151.186.207.0/24 | |
| United Kingdom | prod.euw2.acgw.sse.cisco.com | 151.186.198.0/24 | |
| North America | |||
| Canada (Central) | prod.cac1.acgw.sse.cisco.com | 151.186.206.0/24 | |
| US (Pacific Northwest) | prod.usw2.acgw.sse.cisco.com | 151.186.192.0/24 | |
| US (Virginia) | prod.use1.acgw.sse.cisco.com | 151.186.199.0/24 | |
| South America | |||
| Brazil | prod.sae1.acgw.sse.cisco.com | 151.186.168.0/24 |
Destinations For All Regions
Allow outbound traffic to all of the following destinations:
| FQDN | Resolves To | Port and Protocol |
|---|---|---|
| us.repo.acgw.sse.cisco.com | 44.219.201.178 3.216.0.64 52.25.242.148 52.43.27.33 | TCP/443 |
| eu.repo.acgw.sse.cisco.com | 3.69.139.181 3.65.114.4 13.43.63.69 18.132.151.163 | TCP/443 |
| ap.repo.acgw.sse.cisco.com | 13.114.55.164 57.181.78.26 52.64.179.81 52.65.178.47 | TCP/443 |
| us.controller.acgw.sse.cisco.com | 54.188.111.4 35.165.184.17 54.152.122.37 3.211.159.37 | TCP/443 |
| eu.controller.acgw.sse.cisco.com | 35.156.127.26 52.57.119.242 18.135.181.212 18.135.254.39 | TCP/443 |
| ap.controller.acgw.sse.cisco.com | 3.105.121.195 13.211.184.71 54.199.90.120 18.178.227.126 | TCP/443 |
| api.sse.cisco.com | 146.112.59.20 | TCP/443 |
| prod.acme.sse.cisco.com | TCP/443 | |
| ssepki.cryptosvcs.cisco.com | TCP/80 |
Requirements and Prerequisites for Resource Connectors and Connector Groups < Allow Resource Connector Traffic to Secure Access > Add Resource Connector Groups
Updated about 2 months ago