To integrate your applications and solutions, Celigo needs to authenticate and connect to them. If these systems have access limitations like IP whitelisting enabled, Celigo won’t be able to connect to them unless you’ve provided access. It’s the equivalent of having an access badge to enter a high-security building; without that, nothing goes through.
Steps to take:
-
Determine who handles firewall configuration for your organization, such as a network or security IT administrator.
-
Working with the person identified above, determine which access requirements listed in this article apply. Explain that the IP addresses need to be allowed (whitelisted) through your organization's firewall so that your integrations hosted on the Celigo platform can function correctly.
-
Once the administrator you're working with has confirmed the IP addresses have been allowed (whitelisted), confirm your integrations are running without connection errors.
IP addresses for different access requirements are listed below, for you to whitelist all applicable addresses within your firewall, to specify for another cloud app, or to give to your administrator.
Celigo offers a single range of IP addresses from Amazon Web Services to make application access and integrations scalable.
The integrator.io platform requires the IP range 44.204.21.0/24 to be whitelisted. In IPv4, a /24 prefix means the network uses Classless Inter-Domain Routing (CIDR) notation and has 256 available IP addresses. That is, the integrator.io platform could use any IP addresses from 44.204.21.0 to 44.204.21.255, and hence this IP range 44.204.21.0/24 should be whitelisted. No additional IP addresses need to be whitelisted for integrator.io.
The Fully Qualified Domain Name (FQDN) used for port 443 is integrator.io.
For NA agent-extension servers (on-premise agent – outbound), determine which of the following applies:
-
If HTTPS and SSH ports are fully open on your outbound network access, no whitelisting is required.
-
If HTTPS and SSH ports are open only to specific IP addresses on your outbound network access, then you must whitelist the same IP range
44.204.21.0/24and the following URLs:
In addition, to prepare for any contingencies at the primary AWS data center in the US East (N. Virginia), add the disaster recovery range 18.246.180.128/25 in the US West (Oregon) to your whitelist.
Note
Celigo has a VPC endpoint configured for Amazon S3 service. If you wish to restrict the traffic using your Amazon S3 bucket policies, add the VPCe ID: vpce-956ff3fc.
Celigo offers a single range of IP addresses from Amazon Web Services to make application access and integrations scalable.
The eu.integrator.io platform requires the IP range 3.79.248.128/26 to be whitelisted. No additional IP addresses need to be whitelisted for eu.integrator.io.
For EU agent-extension servers (on-premise agent – outbound), determine which of the following applies:
-
If HTTPS and SSH ports are fully open on your outbound network access, no whitelisting is required.
-
If HTTPS and SSH ports are open only to specific IP addresses on your outbound network access, then you must whitelist the the same IP range
3.79.248.128/26and the following URLs:
Note
-
In addition, to prepare for any contingencies at the primary AWS data center in Europe (Frankfurt), add the disaster recovery range
3.254.10.128/26in Europe (Ireland) to your whitelist. -
Celigo has a VPC endpoint configured for Amazon S3 service. If you wish to restrict the traffic using your Amazon S3 bucket policies, add the VPCe ID:
vpce-00b5eb27e1295355d.
This error can occur for many reasons. The most common occurrence is when you're trying to connect integrator.io to a host that isn't routable—that is, the hostname doesn't resolve to a public IP address accessible from the internet. You'll need to identify the server’s public-facing IP address and update your firewall settings to allow communication from integrator.io. As a workaround, you can set up an on-premise agent instead.