IP addresses for the firewall allowlist
- December 7, 2024 - Additional CIDR block (Commercial regions): 136.245.64.0/18
Genesys Cloud is deployed in a public cloud environment where IP addresses are expected to change. The IP addresses used by Genesys Cloud are provided by our vendor from their public IP pool, which contains many IP addresses used by many other organizations. All client connections (including BYOC Premises Edges, WebRTC Clients, and hard phones for BYOC Cloud and Genesys Cloud Voice customers) to Genesys Cloud are started as outbound connections to Genesys Cloud cloud services. When network access restrictions are used, such as a firewall, Genesys Cloud recommends allowing client outbound access on the specified ports to any IP destination.
For more information about IP addresses and ports, see the following FAQs:
- Why do we need to allow so many Amazon/AWS IP addresses?
- Why does Genesys Cloud require that I have so many open ports on my firewall?
Genesys Cloud also uses certain IP addresses for outbound data action traffic, outbound Open Messaging traffic, AudioHook, and outbound SMTP traffic to customer endpoints. You can add these IP addresses to your allowlist to prevent unauthorized access to your API resources. To retrieve a list of these IP addresses, call GET /api/v2/ipranges.
The table below lists each vendor and, where available, provides a list of potential IP addresses its services use. For more information about other ports and services for your firewall, see About ports and services for your firewall.
| Owner | Services | IP addresses | Description |
|---|---|---|---|
| Amazon AWS | Genesys Cloud Amazon AWS |
See the Amazon AWS IP address JSON file. |
Amazon AWS uses a large set of IP address ranges.
|
|
Amazon AWS uses a large set of IP address ranges. Services deployed in AWS can use any of these addresses, and addresses are subject to change frequently. Amazon provides and maintains a list of available IP addresses, which is subject to change. To make sure that you are aware of the most recent changes in the Amazon AWS IP address JSON file, Genesys recommends that customers subscribe to AWS IP address range notifications. For more information about the JSON file and the notification system, see AWS IP address ranges. It is possible to limit the range of IP addresses from AWS based on your region. However, the AWS Global region must ALWAYS be included in any allowlist that you create based on the Amazon AWS IP address JSON file.
|
|||
| Genesys Cloud Media |
|
Core/Satellite regions
FedRAMP region
|
Genesys-owned /20 and /21 CIDR IP address ranges for public facing media services. Genesys Cloud uses the CIDR IP address ranges in most supported regions. For more information, see Cloud media services CIDR IP address range. |
| Genesys AudioHook Monitor | For more information, see How can I obtain the IP address range for my region where AudioHook protocol requests could originate from so that I can add it to my allowlist? | ||
| Genesys Audio Connector |
For more information, see How can I obtain the IP address range for my region where Audio Connector protocol requests could originate from so that I can add it to my allowlist? |
||
| Genesys Bot Connector |
For more information, see How can I obtain the IP address range for my region where Bot Connector protocol requests could originate from so that I can add it to my allowlist? |
||
| BYOT Speech-to-text (STT) |
For more information, see How can I obtain the IP address range for my region where BYOT-STT protocol requests could originate from so that I can add it to my allowlist? |
||
| Google publishes a complete list of the IP ranges that it makes available to users in goog.json. | |||
| New Relic | See the NewRelic IP and domain details. | ||
| Polycom | Polycom does not provide a list of potential IP addresses its services use. | ||
| ContentSquare |
ContentSquare recommends adding the following IP addresses to your firewall allowlist: 52.18.162.157 20.75.90.236 100.24.76.90 34.192.98.148 20.67.250.109 54.247.44.196 52.51.9.12 35.72.153.38 35.73.99.41 |
||
Note: Although Genesys Cloud owns the /20 CIDR IP address range for public facing media services, Genesys Cloud does not own any of the other IP addresses it uses. These other IP addresses come from third-party service provider IP pools. The availability of potential IP address lists depends on each provider providing those IP addresses. IP lists that are provided do not only list IP in use by Genesys Cloud, but include IP addresses used by other non-Genesys Cloud services.
| Modified date (YYYY-MM-DD) |
Revision |
|---|---|
| 2024-10-21 | Added Genesys Audio Connector, Genesys Bot Connector, and BYOT Speech-to-text (STT). |
| 2024-09-30 | Added IP addresses for ContentSquare. |
| 2024-08-26 | CIDR for FedRAMP released. Removed Coming soon flags. |
| 2024-08-06 | Modified the “Learn more about Amazon AWS IP addresses” content. |
| 2024-08-01 | Added Genesys AudioHook Monitor. |
| 2023-03-01 | New Core/Satellite and FedRAMP CIDR IP address ranges now generally available. |
| 2022-11-18 | Added new Core/Satellite and FedRAMP CIDR IP address ranges as Coming soon. |
| 2021-06-30 | Google now publishes their IP ranges – added a link to the JSON file that contains Google’s complete list of IP ranges. |
| 2021-04-07 | Added a new row for the Genesys Cloud Media services 20 CIDR IP address range. |
| 2020-12-14 | Broke out the main sections of the larger Ports and services for your firewall article into smaller articles. Created this article to cover the IP addresses for the firewall allowlist. |
