We strongly recommend verifying that your network allows connections to the IP addresses or domains listed in this document. If your application remains stuck in the ‘connecting’ mode or encounters network errors, review your firewall or proxy settings and update the allowlist configuration to permit connections to F5 Distributed Cloud network and associated locations such as docker registry. For automation purposes, you can download the subnet ranges and domains to be included in your network configuration by clicking here.
Public IPv4 Subnet Ranges
Configure your network firewall to allow connections from or to the IP address ranges specified in the following table:
Domains for F5 Distributed Cloud Content Delivery Network.
IP Addresses for Site Provisioning
If your firewall does not support domain-based permissions, you can use the following list of outbound IPs that the Customer Edge (CE) Site needs to communicate with for initial provisioning. A DNS server is required for a Site to function correctly in resolving queries. Additionally, note that port 65500 is reserved for local UI and API access, so you may want to consider blocking or allowing this port as needed.
Note: IPs have the potential to change without F5 being aware of it. For this reason, using domain-based permissions is the preferred method rather than using this list.