Allowing ICA connecting to IC2 public cloud

Product Discussion Other Products
1

Hi There,
for a customer we need to limit the outgoing access of an virtual InControl appliance to the Peplink Server on Basis of IP-Addresses.
Can you provide the IP Addresses of the following Hostnames too?
ra.peplink.com
download.peplink.com
api.ic.peplink.com
push.ic.peplink.com

Also: Which IP Adresses do the Bonding Hubs need to Communicate to (in this Case Balance 710)?
Thanks a lot.
Kind regards
Johannes

2

@jfickeis

Can you further explain your questions above ?

Allowing ICA connecting to IC2 ?

Allowing connection between FusionHub and B710 ?

1 Like
3

Hi,
which IP Addresses need to be reachable by the incontrol server, in order to operate normally?
In the Manual, there are Hostnames, but we need the IP Addresses for our Firewall.

Same also for the B710 (which operates as Hub)
Thanks a lot
Johannes

4

Hi @jfickeis,

Does this post > Here < answer your questions - it lists the public IP addresses our InControl2 system.

Hope this helps,

Steve

2 Likes
5

Hi Steve,
my original post was excactly in this post, you had sent me, but was moved.
The post you shared, does not answer the Question, which IP Adresses need to be reached by a B710. I like to know, which Hostname, has which IP Adresses, since some Hostnames are optional for Incontrol and Balance. But In the Instructions there are only Hostnames and in the Link you have provided there are only IP Adresess for InControl, But not, which IP belongs to which hostname. Also not For the Balance Routers.
Thanks a lot
Kind regards
Johannes

6

Hi Johannes,

I made an nslookup on these 4 Servernames:
Name: ra-geo.peplink.com
Address: 54.254.186.173
Aliases: ra.peplink.com

Name: download.peplink.com
Addresses: 2606:4700:20::6819:6a15
2606:4700:20::6819:6b15
104.25.107.21
104.25.106.21

Name: lb-rs-e2-283654548.us-west-2.elb.amazonaws.com
Addresses: 52.13.164.248
34.209.178.72
Aliases: api.ic.peplink.com

Name: ic2-800928670.us-west-2.elb.amazonaws.com
Addresses: 52.35.194.93
52.42.108.27
Aliases: push.ic.peplink.com

The question is, are more Server needed in an Firewallroule eg. for automatic Firmwareupdates and so on…

Regards
Dennis

1 Like
7

I’M TROUBLESHOOTING SEVERAL ISSUES WHERE THE:

  • IC2 ICONS ARE MISSING ON THE PEPLINK 48P & 24P SWITCHES.
  • IC2 REMOTE ACCESS TO THE SWITCHES IS HINDERED DUE TO SLOW THROUGHPUT (ALL OTHER INTERNET CONNECTION SPEEDS ARE FINE).
  • 5 VLANS ARE NOT POPULATING CORRECTLY ON SWITCHES.
  • THE APO-AX & APO-AX-LITE UNITS ARE INTERMITENT, EVERY 2 MINUTES THEY STOP REPORTING TO IC2
    - WIRELESS CLIENTS CONNECTING TO THE AP UNITS LOSE WIFI CONNECTIONS EVERY 2 MINUTES.

BOTH SWITCHES ARE CONNECTED TO PEPLINK ROUTER 310X-5GH.
(WE REPLICATED THIS ISSUE ON TWO BR1 Pro 5G ROUTERS.)

  • THE ISSUE IS ONLY PRESENT WHEN WE USE THE CLIENT PROVIDED ATT CELLULAR CONNECTION.
  • ON OUR BENCH THERE ARE NO ISSUES WITH OUR DSL CONNECTION OR OUR ATT TEST SIM CARD
  • IC2 “DEVICE CONFIGURATION” IS DISABLED.

TICKET # 21110578

I’VE READ SEVERAL RELATED FORUM POSTS DATING BACK TO 2014 WHERE THEY MENTION THE FOLLOWING = Outbound PORTS USED ARE UDP 5246 & TCP 443.

QUESTION:

  1. I ASSUME THIS 2014 INFO IS NO LONGER ACCURATE?
    AS I ADDED 2 FIREWALL RULES TO BLOCK PORTS Udp 5246 & Tcp 443 AND THIS DOES NOT BREAK IC2 CONNECTIVITY TO THE SWITCHES ON OUR BENCH.

ARE PORTS NO LONGER BEING USED? INSTEAD, THE IC2 CONNECTIVITY ONLY USES “DOMAINS”?
ra.peplink.com
download.peplink.com
api.ic.peplink.com
push.ic.peplink.com

(I HAVENT HAD A CHANCE TO BLOCK THESE DOMAINS YET AND TEST).

ANY COMMUNITY AND PEPLINK ENGINEER INPUT IS GREATLY APPRECIATED AS THESE ISSUES HAVE DELAYED A BIG PROJECT. THANK YOU IN ADVANCE.

8

That always makes me suspicious. Try sending all traffic via a SpeedFusion connection by using an enforced rule with a destination of *.peplink.com

1 Like