Connect to Cisco Umbrella Through Tunnel
To create an IPsec tunnel, you must connect to one of the following Umbrella head-end IP addresses. We recommend choosing the IP address with the same region code for both your primary and secondary data center locations.
The data centers listed here are only for IPsec connections to the Umbrella SWG and CDFW. Cisco Umbrella has additional data centers for non-IPsec connections to SWG. For a list of Umbrella data centers, see Global data centers.
In further sample configurations on docs.umbrella.com, <*umbrella_dc_ip*> refers to these IP addresses.
Region Code | DC Location | IP |
|---|---|---|
US-1 | Los Angeles, CA | 146.112.67.8 |
US-1 | Santa Clara, CA | 146.112.66.8 |
US-2 | New York, NY | 146.112.83.8 |
US-2 | Ashburn, VA | 146.112.82.8 |
US-3 | Miami, FL | 146.112.84.8 |
US-3 | Atlanta, GA | 146.112.85.8 |
EU-1 | London, UK | 146.112.97.8 |
EU-1 | Frankfurt, DE | 146.112.96.8 |
EU-2 | Paris, FR | 146.112.102.8 |
EU-2 | Prague, CZ | 146.112.103.8 |
EU-3 | Copenhagen, DK | 146.112.100.8 |
EU-3 | Stockholm, SE | 146.112.101.8 |
EU-4 | Milan, IT | 146.112.107.8 |
EU-4 | Madrid, ES | 146.112.106.8 |
AF-1 | Johannesburg, ZA | 146.112.108.8 |
AF-1 | Cape Town, ZA | 146.112.109.8 |
AS-1 | Singapore, SG | 146.112.113.8 |
AS-1 | Tokyo, JP | 146.112.112.8 |
AS-2 | Mumbai, IN | 146.112.117.8 |
AS-2 | Hong Kong* | 146.112.116.8 |
AU-1 | Sydney, AU | 146.112.118.8 |
AU-1 | Melbourne, AU | 146.112.119.8 |
CA-1 | Toronto, CA | 146.112.65.8 |
CA-1 | Vancouver, CA | 146.112.64.8 |
BR-1 | Rio de Janeiro, BR | 146.112.93.8 |
BR-1 | São Paulo, BR | 146.112.92.8 |
LA-1 | Querétaro, MX | 146.112.94.8 |
LA-1 | Miami, FL** | 146.112.84.8 |
*Hong Kong and 146.112.116.8 will be replaced by a second DC in India in the future. Hong Kong will be assigned a new region and IP at that time.
**Miami will be replaced by a second Latin America DC in the future with its own IP address. Customers can use Miami for automatic failover, or manually configure another data center for backup tunnels.
IPSec Failover
Cisco Umbrella implements automatic failover of IPsec tunnels when a data center is unavailable. When this occurs, tunnels automatically move from one data center in a region to the other. For more information see IPsec Tunnel Failover.
If both data centers within a region fail, all traffic directs to the nearest failover (DR) site. The failover (DR) sites are listed below:
Region Code | Failover (DR) Location |
|---|---|
US-1 | Dallas, TX |
US-2 | Dallas, TX |
US-3 | Dallas, TX |
EU-1 | Amsterdam, NL |
EU-2 | Amsterdam, NL |
EU-3 | Amsterdam, NL |
EU-4 | Amsterdam, NL |
AF-1 | Amsterdam, NL |
AS-1 | Osaka, JP |
AS-2 | Osaka, JP |
AU-1 | Osaka, JP |
CA-1 | Dallas, TX |
BR-1 | Dallas, TX |
LA-1 | Dallas, TX |
Change a Firewall Priority < Connect to Cisco Umbrella Through Tunnel > Monitor Hit Count
Updated 22 days ago