Hey everyone, Just a heads-up for those of you utilizing SonicWall Cloud Secure Edge (CSE) (formerly Banyan Security). We are expanding the Global Edge infrastructure and adding new IP addresses starting on January 7. To prevent service interruptions, you may need to update your conditional access rules in Azure or other SaaS IP Whitelisting for the egress IPs and ensure your connectors can reach the ingress IPs. All IPs are listed here; Global Edge Network IP Ranges - SonicWall Cloud Secure Edge Documentation. There are two categories of IPs you need to be aware of: 1. Ingress IPs (Connector Connectivity) These are the Public IPs of the CSE Global Edge. Your on-prem Connectors dial out to these addresses to establish the secure tunnel. Action: Ensure your firewall allows outbound traffic from your Connector to these IPs. US-West1 (Ingress) 35.227.136.249 34.168.44.174 34.169.80.220 35.230.123.57 Europe-West2 (Ingress) 35.246.100.76 34.142.30.141 35.197.227.181 35.197.232.99 2. NAT Egress IPs (Source IP Whitelisting) These are the IPs that traffic from the CSE Edge will appear to come from when accessing your private resources or SaaS apps (e.g., Azure Conditional Access). Action: Ensure your firewall allows inbound traffic from these IPs to your private resources (e.g Azure Conditional Access rules). US-West1 (NAT Egress) 104.199.123.97 34.168.118.137 136.117.221.23 34.11.166.144 34.187.197.149 34.83.132.236 Europe-West2 (NAT Egress) 34.89.13.98 35.246.83.168 34.39.107.4 34.105.154.36 These IPs are currently marked as "Reserved" in our backend but will be entering active rotation in January. It is highly recommended to whitelist the full list now to future-proof your setup. If you have any questions reach out to your account team.
Posted Dec 08, 2025 - 10:13 PST
This scheduled maintenance affects: Global Edge (Regional POPs, United States (Primary), Europe (Primary)).