Genesys Cloud (formerly PureCloud)

Discussion Thread View
Expand all | Collapse all

Cloud Media Services CIDR IP address range

  • 1.  Cloud Media Services CIDR IP address range

    GCAP Member
    Posted 01-18-2021 10:57
    Hello,

    Wondering if there is an actual date for this change to your firewall ports/services guidance. What's "early 2021"?

    Also, will the existing AWS-Json references still be valid? Or will this be a hard cut of sorts?

    Thanks
    Dean.
    #Telephony

    ------------------------------
    Dean Thames
    Koch Business Solutions
    ------------------------------


  • 2.  RE: Cloud Media Services CIDR IP address range

    Top 25 Contributor
    Posted 01-20-2021 13:33
    From what I heard, all new servers will use the new range by February 2021 and after they are online, the old will be deprecated.

    ------------------------------
    Robert Wakefield-Carl
    Avtex Solutions, LLC
    Contact Center Innovation Architect
    robertwc@avtex.com
    https://www.Avtex.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 3.  RE: Cloud Media Services CIDR IP address range

    Top 25 Contributor
    Posted 01-20-2021 14:45
    Can someone please point me to the announcement of this change?

    ------------------------------
    Vaun McCarthy
    NTT New Zealand Limited
    ------------------------------



  • 4.  RE: Cloud Media Services CIDR IP address range

    Top 25 Contributor
    Posted 01-20-2021 14:55
    Cloud Media Services CIDR IP address range - Genesys Cloud Resource Center (mypurecloud.com)

    November 4, 2020 - Genesys Cloud Resource Center (mypurecloud.com)

    Note: Genesys Cloud currently uses IP addresses found in the Amazon AWS IP address JSON file, but these services will be migrating to this dedicated CIDR block of IP addresses in the future.

    ------------------------------
    Robert Wakefield-Carl
    Avtex Solutions, LLC
    Contact Center Innovation Architect
    robertwc@avtex.com
    https://www.Avtex.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 5.  RE: Cloud Media Services CIDR IP address range

    Top 25 Contributor
    Posted 01-20-2021 15:02
    Thanks Robert, I'm guessing based on a quick sleepy reading of that, if the customer's firewall rules are domain rather than IP based then this change shouldn't in theory have any impact?

    ------------------------------
    Vaun McCarthy
    NTT New Zealand Limited
    ------------------------------



  • 6.  RE: Cloud Media Services CIDR IP address range

    Top 25 Contributor
    Posted 01-20-2021 15:11
    Yes in theory, but I have not met a security guy that is okay with the DNS names and opening to the entire AWS realm.   Also, the current media servers are not DNS-based, but can come from just about any AWS IP.

    ------------------------------
    Robert Wakefield-Carl
    Avtex Solutions, LLC
    Contact Center Innovation Architect
    robertwc@avtex.com
    https://www.Avtex.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 7.  RE: Cloud Media Services CIDR IP address range

    GENESYS
    Posted 01-22-2021 14:31
    Please note that you do not need to coordinate your firewall change with the use of the CIDR range.  If you add the range to your firewall at your earliest convenience that will allow you to access that additional range when it is utilized.  For some time you will want to keep the existing ranges and the new ranges in the allowed list, until you are updated that the old ranges are no longer in use.

    ------------------------------
    Phil Whitener
    Genesys - Employees
    ------------------------------



  • 8.  RE: Cloud Media Services CIDR IP address range

    Posted 13 days ago
    Edited by Jeff Hoogkamer 13 days ago

    Hi @Phil Whitener,

    Hoping I can tag onto the end of this discussion :)

    We are newly onboarding to Genesys Cloud (which will be well after the 24 Feb) and currently in the process of evaluating the required firewall rules to allow communications with Genesys Cloud.

    Can I assume that for the 'Genesys Cloud services' listed (including BYOC Cloud edge devices, managed phones and WebRTC) that we would only need a destination of 52.129.96.0/20 and won't need to add all the AWS IP's for cloud media services?

    Is there a way to confirm that after 24 Feb that our instance will only use the 52.129.96.0/20 range (or force it to)? Will new connections after 24 February only use the new range if successful and stop using the existing AWS shared ranges - or be a mixture until migration is complete?

    Having a single range for the cloud media services will be great - which means I don't have to convince our firewall team to add all the AWS IP's for cloud media services.

    Cheers,
    Jeff





  • 9.  RE: Cloud Media Services CIDR IP address range

    GCAP Member
    Posted 13 days ago
    Exactly. We are in the same situation here. We cannot use WebRTC due to the AWS Range, but if it could limited to this Range would amazing to get rid off the SIP Softphone

    ------------------------------
    Gennaro Montanino
    ------------------------------