Simplifying Zero Trust Security for AWS with Teleport
Jan 23
Virtual
Register Now
Teleport logoTry For Free
Fork me on GitHub

Teleport

Public IP Address Allowlist

Teleport Agents connected to cloud-hosted Teleport Enterprise clusters must be allowed to connect to the following IP addresses in order to join the Teleport cluster.

3.7.23.103/32
3.67.31.207/32
3.109.188.166/32
13.215.3.254/32
18.136.170.204/32
18.197.230.105/32
18.228.73.158/32
35.82.240.238/32
44.198.252.22/32
44.213.172.215/32
44.217.250.22/32
50.112.183.104/32
52.59.15.95/32
52.66.6.236/32
52.67.142.215/32
52.220.247.39/32
54.94.211.77/32
54.185.13.106/32

This list may be used to allowlist outbound network connections from Teleport Agents to cloud-hosted Teleport Enterprise.

Allowlisting these IPs is not a required or recommended configuration for Teleport Agents, but it may be useful in environments that require restrictions to outbound network connections. For example, this list may be used to configure firewalls that sit in front of Teleport Agents, when those firewalls block access to the public internet by default.

Note that IP addresses may be added or removed from the above list over time.

When this list is modified, we will provide at least two weeks notice by:

  1. Updating the Changelog below.
  2. Notifying cloud-hosted Teleport Enterprise customers via email.
  3. Providing a Status Page update.
  4. Reaching out directly to Enterprise customers that have requested advanced notice.

If you are Teleport Enterprise customer and plan to employ this allowlist, please let us know by opening a support ticket.

Additionally, to receive Teleport agent updates, nodes must be able to reach the following domains via HTTPS during the update.

apt.releases.teleport.dev
yum.releases.teleport.dev
cdn.teleport.dev

Changelog

  • 2024-06-06: List published