Hey everyone,
Just a heads-up for those of you utilizing SonicWall Cloud Secure Edge (CSE) (formerly Banyan Security).
We are expanding the Global Edge infrastructure and adding new IP addresses starting on January 7. To prevent service interruptions, you may need to update your conditional access rules in Azure or other SaaS IP Whitelisting for the egress IPs and ensure your connectors can reach the ingress IPs. All IPs are listed here; Global Edge Network IP Ranges - SonicWall Cloud Secure Edge Documentation.
There are two categories of IPs you need to be aware of:
1. Ingress IPs (Connector Connectivity)
These are the Public IPs of the CSE Global Edge. Your on-prem Connectors dial out to these addresses to establish the secure tunnel.
Action: Ensure your firewall allows outbound traffic from your Connector to these IPs.
US-West1 (Ingress)
35.227.136.249
34.168.44.174
34.169.80.220
35.230.123.57
Europe-West2 (Ingress)
35.246.100.76
34.142.30.141
35.197.227.181
35.197.232.99
2. NAT Egress IPs (Source IP Whitelisting)
These are the IPs that traffic from the CSE Edge will appear to come from when accessing your private resources or SaaS apps (e.g., Azure Conditional Access).
Action: Ensure your firewall allows inbound traffic from these IPs to your private resources (e.g Azure Conditional Access rules).
US-West1 (NAT Egress)
104.199.123.97
34.168.118.137
136.117.221.23
34.11.166.144
34.187.197.149
34.83.132.236
Europe-West2 (NAT Egress)
34.89.13.98
35.246.83.168
34.39.107.4
34.105.154.36
These IPs are currently marked as "Reserved" in our backend but will be entering active rotation in January. It is highly recommended to whitelist the full list now to future-proof your setup. If you have any questions reach out to your account team.
Posted on
Dec 08, 2025 - 10:13 PST