support.umbrella.com Open in urlscan Pro
216.198.54.1  Public Scan

Form analysis
1 forms found in the DOM

GET /hc/en-us/search

<form role="search" class="search" data-search="" data-instant="true" autocomplete="off" action="/hc/en-us/search" accept-charset="UTF-8" method="get"><input name="utf8" type="hidden" value="✓" autocomplete="off"><input type="search" name="query"
    id="query" placeholder="Search articles" autocomplete="off" aria-label="Search articles"></form>

Text Content

Skip to main content


END OF LIFE FOR UMBRELLA ROAMING CLIENT



In line with our communication in October 2023, Cisco has announced end of life
for Umbrella Roaming Client software on April 2, 2024. Last date of support will
be April 2, 2025. We recommend that customers begin planning and scheduling
their migration to Cisco Secure Client now.

See more
Umbrella Security Platform DNS Layer Security Roaming Client Secure Internet
Gateway
Submit a request Sign in


 1. Cisco Umbrella
 2. Secure Internet Gateway (SIG)
 3. Secure Web Gateway (SWG)


ARTICLES IN THIS SECTION

Articles in this section
 * Expiration of certificate from Cisco Umbrella proxy is within days of the
   present date
 * Why Are Users Experiencing an Increase in 516 Errors on Umbrella Secure Web
   Gateway Since October 2023?
 * How do I capture and export troubleshooting logs for Cisco Secure Client for
   Chromebook?
 * How do I resolve the error "516 Upstream Certificate CN Mismatch" error when
   browsing to an HTTPS URL?
 * Troubleshooting SWG Website access issues
 * How do I resolve the error "517 Upstream Certificate Revoked" error when
   browsing to an HTTPS URL?
 * Troubleshooting Non-Browser Applications
 * Umbrella’s Secure Web Gateway Provides U.S. Ring Fencing
 * Umbrella will categorize Webex Meeting IP Addresses as Online Meetings
 * Why is my security auditing tool flagging the Cisco Umbrella Root CA digital
   certificate as a risk?

See more


PROMOTED ARTICLES

Promoted articles
 * Umbrella Announcements Are Moving!
 * Cisco Secure Client 5.1.5.65 (MR5)
 * Does Cisco Secure Client support Umbrella DNS protection in single stack IPv6
   networks?
 * Troubleshooting Umbrella Custom Block Page - Bypass User/code
 * Umbrella Android Client (UAC) user identity support
 * Why do I see certificate errors when using blocked page bypass?
 * Umbrella Software Release Notes Have Moved
 * How to Translate Client Build Number to Maintenance Release (MR)
 * Expiration of certificate from Cisco Umbrella proxy is within days of the
   present date
 * More threat context added to Investigate
 * Can Umbrella protect my systems from attacks and vulnerabilities?
 * How To: Submit A Categorization Request
 * What Are the Problems with Google Services When Using QUIC and Secure Web
   Gateway?
 * Using DNS over HTTPS (DoH) with Umbrella
 * Using Umbrella DNS with an HTTP proxy


WHAT IPS AND DOMAINS SHOULD BE ALLOWED IN CUSTOMER FIREWALLS FOR SECURE WEB
GATEWAY?

Eden
 * 2 days ago
 * Updated
 * 1 min read

FollowNot yet followed by anyone


BROWSE

 * Overview
 * Prerequisite
 * IP Addresses
 * Domains


OVERVIEW



Customers deploying Umbrella's Secure Web Gateway (SWG) are recommended to allow
SWG's IP space to ensure traffic is allowed through their perimeter firewalls. 
This also applies to any web filtering appliances that the customers may have. 

 


PREREQUISITE



This article applies to SWG deployments with PAC file or AnyConnect client with
SWG module. 

 


IP ADDRESSES



Cisco Umbrella is an elastic cloud service, and its IP space is dynamic and
constantly changing.  Customers deploying the Umbrella SWG product are
recommended to allow the following CIDRs on their perimeter firewalls to ensure
they can connect to the Umbrella SWG service:

67.215.64.0/19
146.112.0.0/16
151.186.0.0/16
155.190.0.0/16
185.60.84.0/22
204.194.232.0/21
208.67.216.0/21
208.69.32.0/21

 

Traffic profile:

 * Protocol = TCP
 * Ports = outbound 80 and 443

 


DOMAINS



It is also recommended that these domains are bypassed at the source in order to
ensure that all traffic is allowed:

isrg.trustid.ocsp.identrust.com
*.cisco.com
*.opendns.com
*.umbrella.com
*.okta.com
*.oktacdn.com
*.pingidentity.com
secure.aadcdn.microsoftonline-p.com

 


WAS THIS ARTICLE HELPFUL?

Yes No
3 out of 4 found this helpful
Have more questions? Submit a request



RELATED ARTICLES

 * Additional Egress IP Address Range
 * Reserved IP is now Generally Available and New Egress Information in Activity
   Search
 * SWG SAML - Utilizing Umbrella's Fixed Metadata URL
 * File Inspection Blocking Password-Protected and Other Non-Malicious Files
 * Guide to External Domains in the Cisco Secure Client Secure Web Gateway (SWG)
   module

×

Need more support? Check out our additional resources below!

DOCUMENTATION LEARNING HUB

SERVICE UPDATES

 * Umbrella Service Status Page

LEARN MORE

 * Webinars
 * Docs
 * Support

ABOUT

 * Blog

Copyright © 2022 Cisco Umbrella All Rights Reserved

Cookies allow us to optimise your use of our website. We also use third-party
cookies for advertising and analytics. Please read our Privacy Statement and
Cookie Notice for more information.
Manage cookie settings Reject Accept



CONSENT MANAGER




 * YOUR PRIVACY


 * STRICTLY NECESSARY COOKIES


 * PERFORMANCE COOKIES


 * TARGETING COOKIES


 * FUNCTIONAL COOKIES

YOUR PRIVACY

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer. Privacy Statement

STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms.    You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.

PERFORMANCE COOKIES

Performance Cookies


These cookies provide metrics related to the performance and usability of our
site. They are primarily focused on gathering information about how you interact
with our site, including: page load times, response times, error messages, and
allowing a replay of a visitor’s interactions with our site, which enables us to
review and analyze visitor behavior, helping to improve site usability and
functionality. These cookies also allow us to count visits and traffic sources
so we can measure and improve the performance of our site. They help us to know
which pages are the most and least popular and see how visitors move around the
site. If you do not allow these cookies we will not know when you have visited
our site and will not be able to monitor its performance.

TARGETING COOKIES

Targeting Cookies


These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites.    They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.

FUNCTIONAL COOKIES

Functional Cookies


These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages.    If you do not allow these cookies then
some or all of these services may not function properly.

Back Button


COOKIE LIST

Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label

Clear
checkbox label label
Apply Cancel
Save Settings
Allow All