Umbrella SIG User Guide

The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Connect to Cisco Umbrella Through Tunnel

Suggest Edits

To create an IPsec tunnel, you must connect to one of the following Umbrella head-end IP addresses. We recommend choosing the IP address with the same region code for both your primary and secondary data center locations.

The data centers listed here are only for IPsec connections to the Umbrella SWG and CDFW. Cisco Umbrella has additional data centers for non-IPsec connections to SWG. For a list of Umbrella data centers, see Global data centers.

In further sample configurations on docs.umbrella.com, <*umbrella_dc_ip*> refers to these IP addresses.

Region Code
DC Location
IP

US-1

Los Angeles, CA

146.112.67.8

US-1

Santa Clara, CA

146.112.66.8

US-2

New York, NY

146.112.83.8

US-2

Ashburn, VA

146.112.82.8

US-3

Miami, FL

146.112.84.8

US-3

Atlanta, GA

146.112.85.8

EU-1

London, UK

146.112.97.8

EU-1

Frankfurt, DE

146.112.96.8

EU-2

Paris, FR

146.112.102.8

EU-2

Prague, CZ

146.112.103.8

EU-3

Copenhagen, DK

146.112.100.8

EU-3

Stockholm, SE

146.112.101.8

EU-4

Milan, IT

146.112.107.8

EU-4

Madrid, ES

146.112.106.8

AS-1

Singapore, SG

146.112.113.8

AS-1

Tokyo, JP

146.112.112.8

AS-2

Mumbai, IN

146.112.117.8

AS-2

Hong Kong*

146.112.116.8

AU-1

Sydney, AU

146.112.118.8

AU-1

Melbourne, AU

146.112.119.8

CA-1

Toronto, CA

146.112.65.8

CA-1

Vancouver, CA

146.112.64.8

BR-1

Rio de Janeiro, BR

146.112.93.8

BR-1

São Paulo, BR

146.112.92.8

  • Hong Kong and 146.112.116.8 will be replaced by a second DC in India in the future. Hong Kong will be assigned a new region and IP at that time.

IPSec Failover

Cisco Umbrella implements automatic failover of IPSec tunnels when a data center is unavailable. When this occurs, tunnels automatically move from one data center in a region to the other. For more information see IPSec Tunnel Failover.

If both data centers within a region fail, all traffic will be directed to the nearest failover (DR) site. The failover (DR) sites are listed below:

Region Code
Failover (DR) Location

US-1

Dallas, TX

US-2

Dallas, TX

US-3

Dallas, TX

EU-1

Amsterdam, NL

EU-2

Amsterdam, NL

EU-3

Amsterdam, NL

EU-4

Amsterdam, NL

AS-1

Osaka, JP

AS-2

Osaka, JP

AU-1

Osaka, JP

CA-1

Dallas, TX

BR-1

Dallas, TX

Change a Firewall Priority < Connect to Cisco Umbrella Through Tunnel > Monitor Hit Count

Updated about a month ago

Connect to Cisco Umbrella Through Tunnel

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.