[VMC on AWS] IP ranges of hybridity-depot.vmware.com and connect.hcx.vmware.com
search cancel

[VMC on AWS] IP ranges of hybridity-depot.vmware.com and connect.hcx.vmware.com

book

Article ID: 336973

calendar_today

Updated On:

Products

VMware HCX VMware Cloud on AWS VMware Cloud on Dell EMC

Issue/Introduction

To deploy and configure HCX, some ports have to be allowed at the on-premise firewall. HCX Manager (Connector and Cloud) should have access to the following URLs over port 443 
  • connect.hcx.vmware.com
  • hybridity-depot.vmware.com

Sometimes there might be a requirement of specific IPs/ ranges of IP addresses as the firewall is incapable of configuring the URL-based rules.  

Resolution

These FQDNs are behind a CDN load balancer and rotate which IPs are resolved constantly. For CDN we get services from a third party. The IP ranges are completely managed by the CDN vendor

IPs can be obtained by doing nslookup from the cloud gateway appliance but these IPs are temporary and change without any notice to the customer. Hence, it is recommended to always point it to the FQDN and not specific IPs.

Workaround:
As a workaround, this tool can be used to track IPs associated with a DNS name: https://centralops.net/co/

However, the solution devised is temporary as the DNS server the responses may change from hour to hour or even query to query depending on which data center they want to serve you from.

Additional Information

For more information on HCX ports and protocols, please see: HCX Ports and Protocols

Powered by Wolken Software