When a firewall is added manually to Capture Security Center (CSC), firewall acquisition fails on CSC with the error ‘Network down or Unit cannot be reached’ because the WAN IP used by the CSC back end is not the same as the IP that the CSC fully qualified domain name (FQDN) resolves to.
A WAN > WAN rule is created on the firewall that allows HTTPS management access to the firewall from CSC. In many cases the customer locks this access rule down to the CSC IP only, which may prevent firewall acquisition on CSC.
Allow access to the following CSC-Management FQDNs / IPs, based on the CSC location, to resolve the firewall acquisition issue.
For SanJose Colo:
FQDN: cloudgms.sonicwall.com
Zero Touch FQDN: cloudtt.global.sonicwall.com
IP: 4.16.47.168, 4.16.47.188
For AWS Colo:
FQDN: cscma.sonicwall.com
Zero Touch FQDN: cscmatt.global.sonicwall.com
IP: 34.211.138.110, 52.37.12.168, 52.89.82.203, 52.11.92.114
For AMS Colo:
FQDN: cloudgmsams.sonicwall.com
Zero Touch FQDN: cloudttams.global.sonicwall.com
IP: 213.244.188.168, 213.244.188.188
For AWS-FRA Colo:
FQDN: cscmafra.sonicwall.com
Zero Touch FQDN: cscmafratt.global.sonicwall.com, cscmafratta.global.sonicwall.com
IP: 18.197.234.66, 18.197.234.59
Please refer to "How to restrict Admin access to the device".
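To confirm that a locked-down WAN > WAN HTTPS management rule still admits every CSC back-end address for your location, the source list of the rule can be compared with the IPs listed above. The script below is an added example, not SonicWall code: the function name, the idea of pasting the rule's source addresses in as strings, and the "broad" threshold of more than 256 addresses are assumptions made for illustration.

```python
import ipaddress

# CSC management IPs per location, copied from the list in this article.
CSC_IPS = {
    "SanJose": ["4.16.47.168", "4.16.47.188"],
    "AWS": ["34.211.138.110", "52.37.12.168", "52.89.82.203", "52.11.92.114"],
    "AMS": ["213.244.188.168", "213.244.188.188"],
    "AWS-FRA": ["18.197.234.66", "18.197.234.59"],
}

# Assumption: a source entry larger than a /24 is worth a second look
# on a management rule that is meant to be locked down.
BROAD_THRESHOLD = 256


def audit_rule_sources(allowed_sources, colo):
    """Compare the rule's source entries (IPs or CIDRs) with the CSC IPs.

    Returns a dict with:
      missing   - CSC IPs for this colo that no source entry covers
                  (acquisition can fail while any of these is blocked)
      unrelated - source entries that cover no CSC IP for this colo
      broad     - source entries spanning more than BROAD_THRESHOLD addresses
    """
    nets = [ipaddress.ip_network(s, strict=False) for s in allowed_sources]
    csc = [ipaddress.ip_address(ip) for ip in CSC_IPS[colo]]
    return {
        "missing": [str(ip) for ip in csc if not any(ip in n for n in nets)],
        "unrelated": [str(n) for n in nets if not any(ip in n for ip in csc)],
        "broad": [str(n) for n in nets if n.num_addresses > BROAD_THRESHOLD],
    }


if __name__ == "__main__":
    # Constructed sample: a rule that was locked down to a single CSC IP,
    # plus one admin workstation (203.0.113.10 is a documentation address).
    sample_sources = ["52.37.12.168", "203.0.113.10", "52.89.82.0/24"]
    for key, values in audit_rule_sources(sample_sources, "AWS").items():
        print(f"{key}: {values}")
```

Any address reported under `missing` needs to be added to the rule's source group before acquisition is retried; entries under `unrelated` or `broad` are candidates for review rather than errors.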
For other CSC and SonicWall services:
Please refer to "What FQDN's and IP's are used by SonicWall products to update their services?"