Contact Free trial Login

Ports, IP Addresses, and Hostnames to Whitelist

logo cloud disabled logo hybrid active logo server active logo rtf disabled

In your network, you must whitelist the hostnames and ports of various parts of Anypoint Platform to allow the Runtime Manager agent in a customer-hosted Mule runtime engine to communicate with the online Anypoint Platform APIs and services managed by MuleSoft.

These tables show you the ports or IP addresses and hostnames to add to your whitelists to allow communication between the agent and the Runtime Manager console.

Because the following endpoints use mutual TLS authentication, to establish the connection, you must configure SSL passthrough to allow the certificates:

  • mule-manager.anypoint.mulesoft.com

  • mule-manager.eu1.anypoint.mulesoft.com

  • runtime-manager.anypoint.mulesoft.com

  • runtime-manager.eu1.anypoint.mulesoft.com

  • runtime-manager.gov.anypoint.mulesoft.com

  • arm-auth-proxy.prod.cloudhub.io

  • data-authenticator.anypoint.mulesoft.com

  • data-authenticator.gov.anypoint.mulesoft.com

In addition, the following endpoints use WebSockets:

  • mule-manager.anypoint.mulesoft.com

  • mule-manager.eu1.anypoint.mulesoft.com

  • runtime-manager.anypoint.mulesoft.com

  • runtime-manager.eu1.anypoint.mulesoft.com

  • runtime-manager.gov.anypoint.mulesoft.com

Ports

Region Name Port

US

anypoint.mulesoft.com

443

US

mule-manager.anypoint.mulesoft.com

443

US

runtime-manager.anypoint.mulesoft.com

443

US

analytics-ingest.anypoint.mulesoft.com

443

US

arm-auth-proxy.prod.cloudhub.io

443

US

data-authenticator.anypoint.mulesoft.com

443

US

exchange2-asset-manager-kprod.s3.amazonaws.com

443

US-GOV

runtime-manager.gov.anypoint.mulesoft.com

443

US-GOV

data-authenticator.gov.anypoint.mulesoft.com

443

US-GOV

gov.anypoint.mulesoft.com

443

EU

eu1.anypoint.mulesoft.com

443

EU

mule-manager.eu1.anypoint.mulesoft.com

443

EU

runtime-manager.eu1.anypoint.mulesoft.com

443

EU

analytics-ingest.eu1.anypoint.mulesoft.com

443

EU

arm-auth-proxy.prod-eu.msap.io

443

EU

data-authenticator.eu1.anypoint.mulesoft.com

443

EU

exchange2-asset-manager-kprod-eu.s3.eu-central-1.amazonaws.com

443

Static IP Addresses

  • Whitelist these static IPs in the US region to access the mule-manager hosts:

    Region Name IP Address

    US

    mule-manager.anypoint.mulesoft.com

    52.201.174.72

    US

    mule-manager.anypoint.mulesoft.com

    52.201.67.218

  • Whitelist these static IPs in the US region to access the runtime-manager hosts:

    Region Name IP Address

    US

    runtime-manager.anypoint.mulesoft.com

    18.214.68.14

    US

    runtime-manager.anypoint.mulesoft.com

    35.174.151.175

    US-GOV

    runtime-manager.gov.anypoint.mulesoft.com

    52.61.85.119

    US-GOV

    runtime-manager.gov.anypoint.mulesoft.com

    3.32.47.1

    US-GOV

    runtime-manager.gov.anypoint.mulesoft.com

    160.1.154.225

  • Whitelist these static IPs in the US region to access the data-authenticator hosts:

    Region Name IP Address

    US-GOV

    data-authenticator.gov.anypoint.mulesoft.com

    15.200.57.78

    US-GOV

    data-authenticator.gov.anypoint.mulesoft.com

    15.200.174.74

    US-GOV

    data-authenticator.gov.anypoint.mulesoft.com

    160.1.51.12

  • Whitelist these static IPs in the US region to access the MuleSoft Government Cloud hosts:

    Region Name IP Address

    US

    gov.anypoint.mulesoft.com

    52.61.24.192

    US

    gov.anypoint.mulesoft.com

    52.61.103.227

  • Whitelist these static IPs in the EU region to access the mule-manager hosts:

    Region Name IP Address

    EU

    mule-manager.eu1.anypoint.mulesoft.com

    18.195.19.18

    EU

    mule-manager.eu1.anypoint.mulesoft.com

    18.194.245.32

  • Whitelist these static IPs in the EU region to access the runtime-manager hosts:

    Region Name IP Address

    EU

    runtime-manager.eu1.anypoint.mulesoft.com

    18.185.141.77

    EU

    runtime-manager.eu1.anypoint.mulesoft.com

    3.123.216.217

Dynamic IP Addresses

Some of the IP addresses used by Anypoint Platform services are assigned automatically by the underlying cloud infrastructure. Because these are dynamic, do not implement a whitelist based on the specific IP addresses assigned to Anypoint services.

Many firewall devices allow you to define Layer 7 firewall rules so that you can filter by destination name or application type.

Include the following hostnames in your Layer 7 firewall rules:

Region Hostname

US

anypoint.mulesoft.com

US

analytics-ingest.anypoint.mulesoft.com

US

arm-auth-proxy.prod.cloudhub.io

US

data-authenticator.anypoint.mulesoft.com

US-GOV

runtime-manager.gov.anypoint.mulesoft.com

US-GOV

data-authenticator.gov.anypoint.mulesoft.com

US-GOV

gov.anypoint.mulesoft.com

EU

eu1.anypoint.mulesoft.com

EU

analytics-ingest.eu1.anypoint.mulesoft.com

EU

arm-auth-proxy.prod-eu.msap.io

EU

data-authenticator.eu1.anypoint.mulesoft.com

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub