FIREWALL CONFIGURATION GUIDES

Connectivity between Extreme cloud and the managed network is required. Ensure all in-line firewalls allow outbound connections to the following Extreme cloud services:

Global Data Center Services

Domain Name IPv4 Addresses Protocol Port
redirector.aerohive.com 54.172.0.252 HTTPS TCP 443
HTTP TCP 80
UDP UDP 12222
hmupdates-ng.aerohive.com 54.86.95.132 HTTPS TCP 443
extremecloudiq.com 34.253.190.192 ~ 34.253.190.255 HTTPS TCP 443
18.194.95.0 ~ 18.194.95.15
3.234.248.0 ~ 3.234.248.31
44.234.22.92 ~ 44.234.22.95
cloud-rd.aerohive.com 34.253.190.192 ~ 34.253.190.255 HTTPS TCP 443
stun.extremecloudiq.com 3.234.248.28, 3.234.248.29 UDP UDP 12222
18.194.95.14, 18.194.95.15

US_East2 Regional Data Center Services

IPv4 Addresses Block Protocol Ports
34.202.197.0 ~ 34.202.197.63
3.234.248.0 ~ 3.234.248.31
44.192.245.0 ~ 44.192.245.63
HTTP TCP 80
HTTPS TCP 443, 8090
TCP TCP 2083, 20000 ~ 20256
UDP UDP 12222


Extreme Networks devices attempt to obtain the time and date for their internal clocks from an NTP (Network Time Protocol) server. Accurate time and date settings are critical for several key operations including country and region detection, certification validation, schedule enforcement, and event logging. To ensure Access Points can obtain the correct time, please do either of following:
  • Create firewall rule to allow outbound traffic from Extreme Networks devices to 0.aerohive.pool.ntp.org on UDP port 123
  • Configure DHCP options on your DHCP server to assign an allowed NTP server to Extreme Networks devices.