Firewall Setup

This guide will give you the basic information needed to setup your firewall for a typical integration with FreightWise.  For more information, or details about your specific integration, contact your FreightWise Account Director.

You are hosting an API that FreightWise will access

In this case, you will need to allow connections from the following FreightWise IP addresses:

  • 34.225.27.84
  • 54.88.246.170
  • 54.174.36.37
  • 104.51.122.201
  • 34.192.218.34

These IP addresses are subject to change.

You have a FreightWise Server on-premise (or in your cloud)

Ingress

The FreightWise server will only need to allow established / related traffic for ingress. 

Egress

For egress, the server will likely need access to your ERP database.  In addition, the server will need to be able to connect to the internet for updates, monitoring, and relaying information back to FreightWise.

Recommended:

  • ERP application database or API
  • The internet

If you must manage outbound traffic rules from the server, you will need to allow the following:

  • Access to FreightWise APIs (see below)
  • Access to Canonical's APT repos for Ubuntu security updates
  • Access to Docker's APT repos for security updates
  • Access to Amazon Web Services (see IP addresses here)
    • CloudFront
    • CloudWatch
    • Elastic Container Repository
    • Simple Queue Service
    • Systems Manager

You are calling a FreightWise API

Our client integration APIs are hosted by Amazon Web Services.  We use API Gateway, which is running behind a CloudFront CDN.  To allow connections to the FreightWise API, you will need to allow all CloudFront IP addresses.

CloudFront IP addresses can be found here.  You will need to add rules for all rows containing "service": "CLOUDFRONT".

 

0 Comments

Article is closed for comments.