Firewall Rules for External Traffic

Language:

Note - The source for all these entries is Oracle Advanced Support Gateway. The rules in Figure 1, Table 1, Firewall Rules Between Oracle Advanced Support Gateway and the Oracle Services Support Center apply to all of Oracle's Connected Services.

Table 1 Firewall Rules Between Oracle Advanced Support Gateway and the Oracle Services Support Center

Destination	Destination IP Address(es)	Application Protocol	Network Protocol/Port	Purpose
adc-ps-ssl-vpn.oracle-occn.com llg-ps-ssl-vpn.oracle-occn.com tokyo-ps-ssl-vpn.oracle-occn.com	198.17.210.28 141.143.215.68 140.83.95.28	TLS VPN	TCP/443 - TLS UDP/443 - DTLS (Datagram TLS)	To establish a TLS VPN connection* between Oracle and Oracle Advanced Support Gateway. *Cannot support communication through an internet proxy.
dts.oracle.com	192.206.43.1	HTTPS	TCP/443	To securely transport monitoring data to Oracle.
transport-adc.oracle.com	141.146.156.41	HTTPS	TCP/443	To securely transport monitoring and other data to Oracle.
ccr.oracle.com	141.146.54.49	HTTPS	TCP/443	To upload the customer's configuration data to Oracle's centralized configuration repository.
support.oracle.com	141.146.54.16	HTTPS	TCP/443	To download patches onto Oracle Advanced Support Gateway from My Oracle Support (MOS) via the Oracle Enterprise Manager (OEM) Cloud Control UI.
login.oracle.com Note - Each hostname currently resolves to multiple working IP addresses. Access to all addresses listed must be permitted as Oracle will switch from one to another in the near future.	209.17.4.8 156.151.58.18 141.146.8.119	HTTPS	TCP/443	To connect to Oracle's centralized authentication site.
updates.oracle.com	141.146.44.51	HTTPS	TCP/443	To provide patch downloads via Oracle Enterprise Manager (OEM).
ZFS Phone Home	129.157.65.13 129.157.65.14 141.146.1.169	ZFS Phone Home	TCP/443	ZFS fault monitoring is shipped direct to these Oracle systems. Used when Oracle Advanced Support Gateway hosts a proxy server for the ZFS Storage Heads.
oauth-e.oracle.com	156.151.58.70 209.17.4.26 Note - 156.151.58.70 and 209.17.4.26 are multiple IP addresses used to service oauth-e.oracle.com. DNS resolution may return a different IP address. Ensure access is granted for each IP directly.	HTTPS	TCP/443	To provide support for Oracle centralized authentication for Oracle Enterprise Manager.