What IP addresses need to be allowed on a firewall so Cacheflow can function.



The Cacheflow product needs to access a number of IP addresses through a firewall in order to do the following functions:

1. Upload diagnostic information such as the sysinfo, eventlog, and sysinfo-stats snapshots

2. Download the Bluecoat web filter database

3. Download Cachepulse

4. Download software updates

5. Allow Remote diagnostics

In most ISP deployments reflect client IP is used and the firewall will allow the client IP addresses access to the internet.  However the firewall may not allow the Cacheflow's IP address to access the internet.  The Cacheflow must use its IP address as it is originating the tcp connection.  Therefore a the Cacheflow's IP address must have access to a list of IP addresses.


The following is the list of IP addresses/names that the Cacheflow needs access to in order to perform the functions listed below:

1. hb.bluecoat.com

 Allows the Cacheflow to upload heartbeat information to the heartbeat server.

2. upload.bluecoat.com

Used when the send command uploads diagnostic information to bluecoat.

3. cacheflow-remote-support.bluecoat.com

Used when a remote diagnostic sessions is required by support.

4. cacheflow-list.es.bluecoat.com

Used when downloading Cachepulse and Blue Coat Webfilter databases.  This server has several geographically-distributed PoPs, and is subject to occasional load-balancing changes. It doesn't change often (for a given deployment), but it has changed several times in the past.

5. bto.bluecoat.com

Used to download software updates directly to the CacheFlow.

6. abrca.bluecoat.com

Used to retrieve the "birth-certificate" of a device. 

Additional Information
Bug Number
InQuira Doc IdKB4830

Article Feedback

Did this Article solve your issue?
Additional Comments:
Previous MonthNext Month