Umbrella SIG User Guide

The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Connect to Cisco Umbrella Through Tunnel

Suggest Edits

To create an IPsec tunnel, you must connect to one of the following Umbrella head-end IP addresses. Automatic failover provides redundancy for a single tunnel configuration; however, we recommend configuring two tunnels, one to each DC in a region, with unique IPsec tunnel IDs per tunnel.

The data centers listed here are only for IPsec connections to the Umbrella SWG and CDFW. Cisco Umbrella has additional data centers for non-IPsec connections to SWG. For a list of Umbrella data centers, see Global data centers.

In further sample configurations on docs.umbrella.com, <*umbrella_dc_ip*> refers to these IP addresses.

Region Code
DC Location
IP

US-1

Los Angeles, CA

146.112.67.8

US-1

Santa Clara (Palo Alto), CA

146.112.66.8

US-2

New York, NY

146.112.83.8

US-2

Ashburn, VA

146.112.82.8

US-3

Miami, FL

146.112.84.8

US-3

Atlanta, GA

146.112.85.8

US-4

Dallas–Fort Worth, TX

146.112.72.8

US-4

Denver, CO

146.112.73.8

EU-1

London, UK

146.112.97.8

EU-1

Frankfurt, DE

146.112.96.8

EU-2

Paris, FR

146.112.102.8

EU-2

Prague, CZ

146.112.103.8

EU-3

Copenhagen, DK

146.112.100.8

EU-3

Stockholm, SE

146.112.101.8

EU-4

Milan, IT

146.112.107.8

EU-4

Madrid, ES

146.112.106.8

AF-1

Johannesburg, ZA

146.112.108.8

AF-1

Cape Town, ZA

146.112.109.8

AS-1

Singapore, SG

146.112.113.8

AS-1

Tokyo, JP

146.112.112.8

AS-2

Mumbai, IN

146.112.117.8

AS-2

Hong Kong*

146.112.116.8

AU-1

Sydney, AU

146.112.118.8

AU-1

Melbourne, AU

146.112.119.8

CA-1

Toronto, CA

146.112.65.8

CA-1

Vancouver, CA

146.112.64.8

BR-1

Rio de Janeiro, BR

146.112.93.8

BR-1

São Paulo, BR

146.112.92.8

LA-1

Querétaro, MX

146.112.94.8

LA-1

Miami, FL**

146.112.84.8

*Hong Kong and 146.112.116.8 will be replaced by a second DC in India in the future. Hong Kong will be assigned a new region and IP at that time.

**Miami will be replaced by a second Latin America DC in the future with its own IP address. Customers can use Miami for automatic failover, or manually configure another data center for backup tunnels.

IPSec Failover

Cisco Umbrella implements automatic failover of IPsec tunnels when a data center is unavailable. When this occurs, tunnels automatically move from one data center in a region to the other. For more information see IPsec Tunnel Failover.

Previously, Umbrella supported automatic, tertiary failover (DR) for all regions. It is no longer available for US, Canada, Brazil, or Latin America regions, and will be removed in the future for remaining regions. Customers can optionally setup their own tertiary failover as a third tunnel to another region.

Region Code
Failover (DR) Location

EU-1

Amsterdam, NL

EU-2

Amsterdam, NL

EU-3

Amsterdam, NL

EU-4

Amsterdam, NL

AF-1

Amsterdam, NL

AS-1

Osaka, JP

AS-2

Osaka, JP

AU-1

Osaka, JP

Change a Firewall Priority < Connect to Cisco Umbrella Through Tunnel > Monitor Hit Count

Updated 10 days ago

Connect to Cisco Umbrella Through Tunnel

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.